none
This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

    Question

  • I'm developing a Visual Studio 2008 web app on Windows Server 2008R2 for a government client. When I attempt to compile, I get this error (even for the the default web app that is created with a new solution):

    This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

    I've read other posts that talk about the problem - but none with a solution that works. I do not have the option of turning this FIPS compliant switch off. Adding the following to the web.config file doesn't help either:

        <machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps" validation="3DES" decryption="3DES" />

    Do I have to provide a key in the above statement?

    Please help!
    Tuesday, March 09, 2010 12:19 AM

Answers

  • I solved the problem by inserting this statement in the machine.config files in the .NET Framework folder;

    <configuration>

        <runtime>

            <enforceFIPSPolicy enabled="false"/>  

     </runtime>

    </configuration>

    • Marked as answer by DanDoney Friday, October 14, 2011 6:25 PM
    Friday, October 14, 2011 6:24 PM

All replies

  • after making the change, did you restart IIS services?
    jon.stromer.galley
    Tuesday, March 09, 2010 1:26 AM
  • Hi DanDoney,
    You may restart IIS with prompt: iisreset, and try build application again to see whether it works.
    Sincerely,
    Eric
    MSDN Subscriber Support in Forum
    If you have any feedback of our support, please contact msdnmg@microsoft.com.
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    Welcome to the All-In-One Code Framework! If you have any feedback, please tell us.
    Tuesday, March 09, 2010 1:54 AM
  • Jon & Eric,
    Thank you for your quick response - sorry for the delay getting back to you. For now, I'm running on the Visual Studio Development Server - not IIS. I've tried iisreset & rebooting the computer after making the change - neither worked. I cannot even compile the solution as the IDE is defaulting on the error. I'm hoping VS2008 SP1 addresses this - were moving the files to install the service pack now. You can imagine the impact - I can't even build/run the simplest ASP.NET app with the FIPS setting on (now a requirement for the agency I support). Any advice?

    Thanks,

    Dan

    Tuesday, March 09, 2010 4:56 PM
  • ugg, right the dev server.....

    I did a little sluthing and came up with this.  You might be able to turn off the check via editing

    DevEnv.Exe.config
        and / or
    WebDev.WebServer.Exe.config 

    <configuration>
        <runtime>
            <enforceFIPSPolicy enabled=”0” />
            <!-- or maybe ="false" -->
        </runtime>
    </configuration>
    


    jon.stromer.galley
    • Marked as answer by DanDoney Friday, March 12, 2010 2:30 PM
    • Unmarked as answer by DanDoney Friday, May 27, 2011 12:58 PM
    Tuesday, March 09, 2010 8:29 PM
  • Hi DanDoney,
    I'm writing to check the issue status, does jgalley's suggestion help, please feel free to let us know if you have any concern.
    Sincerely,
    Eric
    MSDN Subscriber Support in Forum
    If you have any feedback of our support, please contact msdnmg@microsoft.com.
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    Welcome to the All-In-One Code Framework! If you have any feedback, please tell us.
    Friday, March 12, 2010 9:26 AM
  • Thanks Eric - I haven't had time to get back to testing this. We got a waiver to turn off the FIPS flag. When I come up for air I'll check on the proposed solution. I appreciate the help you and Jon have provided. Will mark as answered for now...
    Friday, March 12, 2010 2:30 PM
  • The requirement to turn on the FIPS setting has come down more forcefully. I'm able to develop with this setting on - now using VS2010 SP1. When I deploy (even a simple Hello World web app) I get the FIPS error when I attempt to access a page. I am deploying to .NET 3.5 framework on a Windows Server 2008 R2.

    I've tried the following work-arounds:

    1) The web.config entry suggested above. (I used "false").

    2) Set EnableViewState="false" for the page causing the error.

    3) Set machine key to 3DES in the config file

    None of the above alleviate the problem. I'm stuck!

    Friday, May 27, 2011 1:26 PM
  • I'm having the same issue as DanDoney - The blank application compiles fine, but the second I add a blank class (without ANY code) I receive the FIPS error.
    Saturday, July 02, 2011 7:16 PM
  • I solved the problem by inserting this statement in the machine.config files in the .NET Framework folder;

    <configuration>

        <runtime>

            <enforceFIPSPolicy enabled="false"/>  

     </runtime>

    </configuration>

    • Marked as answer by DanDoney Friday, October 14, 2011 6:25 PM
    Friday, October 14, 2011 6:24 PM