I've uploaded my website to a webhosting and this error came up;
'Error occurred during a cryptographic operation.'.
I've done some research and it seems that the formauthenticated cookie is bound to the MachineKey (which differs when using webhost).
I've found a method that should fix this problem but the error remains.
CODE:
/// <summary>
/// This method removes a cookie if the machine key is different than the one that saved the cookie;
/// </summary>
protected void Application_Error(object sender, EventArgs e)
{
var error = Server.GetLastError();
var cryptoEx = error as CryptographicException;
if (cryptoEx != null)
{
FederatedAuthentication.WSFederationAuthenticationModule.SignOut();
Global.Cookies.FormAuthenticated Cookie = new Global.Cookies.FormAuthenticated();
Cookie.Delete();
Server.ClearError();
}
}
STACKTRACE:
[CryptographicException: Error occurred during a cryptographic operation.]
System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.HomogenizeErrors(Func`2 func, Byte[] input) +115
System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.Unprotect(Byte[] protectedData) +59
System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket) +9824926
Archive_Template.Main.resolveLoginUser(String sessionKey) in f:\Archive_Template\Archive_Template\Main.aspx.cs:481
Archive_Template.Main.OnPreInit(EventArgs e) in f:\Archive_Template\Archive_Template\Main.aspx.cs:52
System.Web.UI.Page.PerformPreInit() +31
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +335
I have also experienced this when developing a new solution and running the website on localhost. Setting the machinekey made no difference, but simply deleting all the cookies for localhost solved the problem.
If you are using forms auth. you can signout when you catch the exception and allow your users to login and create a valid cookie
in your Global.asax.cs, from Catching errors in Global.asax, as long as you use Forms authentication (login/password). Worked for me.
Another option is to clear the cookies from browser setting and this allows new cookies to get stored.
This is due to the machine key is missing, which is used as a symmetric key to do the encryption and decryption.
To set the machine in the IIS;
I just had this aswell, i deleted the UserTokenCaches table entries from the database.