I've uploaded my website to a webhosting and this error came up;
'Error occurred during a cryptographic operation.'.
I've done some research and it seems that the formauthenticated cookie is bound to the MachineKey (which differs when using webhost).
I've found a method that should fix this problem but the error remains.
CODE:
/// <summary>
/// This method removes a cookie if the machine key is different than the one that saved the cookie;
/// </summary>
protected void Application_Error(object sender, EventArgs e)
{
var error = Server.GetLastError();
var cryptoEx = error as CryptographicException;
if (cryptoEx != null)
{
FederatedAuthentication.WSFederationAuthenticationModule.SignOut();
Global.Cookies.FormAuthenticated Cookie = new Global.Cookies.FormAuthenticated();
Cookie.Delete();
Server.ClearError();
}
}
STACKTRACE:
[CryptographicException: Error occurred during a cryptographic operation.]
System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.HomogenizeErrors(Func`2 func, Byte[] input) +115
System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.Unprotect(Byte[] protectedData) +59
System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket) +9824926
Archive_Template.Main.resolveLoginUser(String sessionKey) in f:\Archive_Template\Archive_Template\Main.aspx.cs:481
Archive_Template.Main.OnPreInit(EventArgs e) in f:\Archive_Template\Archive_Template\Main.aspx.cs:52
System.Web.UI.Page.PerformPreInit() +31
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +335
If you receive this error when implementing single sign on (as described here http://www.alexboyang.com/2014/05/28/sso-for-asp-net-mvc4-and-mvc5-web-apps-shared-the-same-domain/), make sure to have the same target framework across all projects. I had one project with .NET 4.0 and the other on .NET 4.5.2.
Changing the first one to 4.5.2 fixed the issue for me.
I had the same issue: MVC 5 ASP.Net Web Application .net Framework 4.6.1
Solution:
I faced the same problem. I just cleared all of browser's cookies and cache data and it got fixed.I hope it will work for you too.
I ran into this problem when I tried to take a forms authentication cookie created by an ASP.NET 2.0 app and decrypt it inside an .NET4.5 Web API project. The solution was to add an attribute called "compatibilityMode" to the "machineKey" node inside my web api's web.config file:
Documentation: https://msdn.microsoft.com/en-us/library/system.web.configuration.machinekeysection.compatibilitymode.aspx
And from the doc, here are the allowed values for that attribute:
For anyone who hasn't solved their problem, I was missing the "machineKey" entry for encrypt/decrypt in my web.config
I was getting crypto errors when validating the AntiForgery token.
I believe it was because I had just made some security control configuration changes to my server to configure application recycling to recycle when Virtual Memory limits hit 1,000,000 Kilobytes.
This was definitely way too little for virtual memory recycling. Private memory usage can be set to 1,000,000 KB, but virtual memory should be given a lot more space.
I noticed my application was recycling much too often.
I increased the Virtual Memory limit to 10,000,000 KB and those errors went away. I believe the application pool may have been recycling as I was filling out the form.