Edit

Share via


MachineKeySection.DecryptionKey Property

Definition

Gets or sets the key that is used to encrypt and decrypt data, or the process by which the key is generated.

public:
 property System::String ^ DecryptionKey { System::String ^ get(); void set(System::String ^ value); };
[System.ComponentModel.TypeConverter(typeof(System.Configuration.WhiteSpaceTrimStringConverter))]
[System.Configuration.ConfigurationProperty("decryptionKey", DefaultValue="AutoGenerate,IsolateApps")]
[System.Configuration.StringValidator(MinLength=1)]
public string DecryptionKey { get; set; }
[<System.ComponentModel.TypeConverter(typeof(System.Configuration.WhiteSpaceTrimStringConverter))>]
[<System.Configuration.ConfigurationProperty("decryptionKey", DefaultValue="AutoGenerate,IsolateApps")>]
[<System.Configuration.StringValidator(MinLength=1)>]
member this.DecryptionKey : string with get, set
Public Property DecryptionKey As String

Property Value

A key value, or a value that indicates how the key is generated. The default is "AutoGenerate,IsolateApps".

Attributes

Examples

The following example demonstrates how to set the DecryptionKey property by using code. This example is part of a larger example provided for the MachineKeySection class.

// Display DecryptionKey property.
Console.WriteLine("DecryptionKey: {0}",
  configSection.DecryptionKey);
' Display DecryptionKey property.
Console.WriteLine("DecryptionKey: {0}", configSection.DecryptionKey)

Remarks

The DecryptionKey property is used for encryption and decryption, such as in Windows Forms authentication, and for view state when the Validation property is set to "3DES" or "AES".

Use the "AutoGenerate" option to specify that ASP.NET generates a random key and stores it in the Local Security Authority. The "AutoGenerate" option is part of the default value.

If you add the "IsolateApps" modifier to the "AutoGenerate" ValidationKey value, ASP.NET generates a unique encrypted key for each application by using each application's AppDomainAppVirtualPath. This is the default setting.

If you add the "IsolateByAppId" modifier to the "AutoGenerate" ValidationKey value, ASP.NET generates a unique encrypted key for each application by using each application's AppDomainAppId. If two distinct applications share a virtual path (perhaps because those applications are running on different ports), this flag can be used to further distinguish them from one another. The "IsolateByAppId" flag is understood only by ASP.NET 4.5, but it can be used regardless of the MachineKeySection.CompatibilityMode setting.

If you need to support configuration across a network of Web servers (a Web farm), set the DecryptionKey property manually to ensure consistent configuration. For information about how to manually generate values for the DecryptionKey attribute, see How To: Configure MachineKey in ASP.NET 2.0.

This property is typically set declaratively in the DecryptionKey attribute of the machineKey element of the Web.config file. For more information, see the machineKey element.

Applies to

See also