gpt4 book ai didi

asp.net - 将 machineKey 添加到网络场站点上的 web.config

转载 作者:行者123 更新时间:2023-12-03 06:36:41 27 4
gpt4 key购买 nike

我们(实际上是我们的 IT 合作伙伴)最近为我们拥有的网络农场站点更改了一些 DNS,以便两台生产服务器在它们之间进行循环 DNS 切换。在此切换之前,我们实际上并没有遇到 WebResource.axd 文件的问题。自从切换以来,当我们点击实时公共(public) URL 时,我们会收到错误:

CryptographicException

Padding is invalid and cannot be removed.

当我们访问特定服务器本身时,它们加载得很好。我研究了这个问题,看来由于它们在两台服务器之间共享 Assets ,我们需要在每台服务器的 web.config 中拥有一致的 machineKey ,以便它们两者之间可以一致地加密和解密。我的问题是:

  1. 我可以通过服务器上的工具生成 machineKey,还是需要编写代码来执行此操作?
  2. 我是否只需将 machineKey 添加到每台服务器上的 web.config 中,还是您认为我需要做任何其他事情来使这两个服务器一起工作? (两个 web.config 目前都没有 machineKey)

最佳答案

这应该回答:

How To: Configure MachineKey in ASP.NET 2.0 - Web Farm Deployment Considerations

Web Farm Deployment Considerations

If you deploy your application in a Web farm, you must ensure that the configuration files on each server share the same value for validationKey and decryptionKey, which are used for hashing and decryption respectively. This is required because you cannot guarantee which server will handle successive requests.

With manually generated key values, the settings should be similar to the following example.

<machineKey  
validationKey="21F090935F6E49C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D7
AD972A119482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A281B"

decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="AES"
/>

If you want to isolate your application from other applications on the same server, place the in the Web.config file for each application on each server in the farm. Ensure that you use separate key values for each application, but duplicate each application's keys across all servers in the farm.

简而言之,要设置机器 key ,请参阅以下链接: Setting Up a Machine Key - Orchard Documentation

Setting Up the Machine Key Using IIS Manager

If you have access to the IIS management console for the server where Orchard is installed, it is the easiest way to set-up a machine key.

Start the management console and then select the web site. Open the machine key configuration: The IIS web site configuration panel

The machine key control panel has the following settings:

The machine key configuration panel

Uncheck "Automatically generate at runtime" for both the validation key and the decryption key.

Click "Generate Keys" under "Actions" on the right side of the panel.

Click "Apply".

并将以下行添加到 system.web 标记下所有 webservers 中的 web.config 文件(如果不存在)。

<machineKey  
validationKey="21F0SAMPLEKEY9C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D7
AD972A119482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A281B"
decryptionKey="ABAASAMPLEKEY56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="AES"
/>

请确保您有机器 key 和 web.config 文件的永久备份

关于asp.net - 将 machineKey 添加到网络场站点上的 web.config,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/3855666/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com