locked
machineKey gets automatically inserted into web.config when debugging in Azure Emulator RRS feed

  • Question

  • My project is under source control.

    When I run my cloud project in the Azure emulator, it errors and says it needs write access to web.config.  So I checkout the web.config file, and the Azure emulator boots correctly.

    However, I noticed that the Azure emulator adds a Machinekey to my web.config file.  It's not part of a transformation; it literally edits my web.config file in my project and adds the following, immediately before </system.web>  :

    <machineKey decryption="AES" decryptionKey="(I removed this for safety)" validation="SHA1" validationKey="(I removed this for safety)" />

    Does anyone know why this happens?

    Thanks,

    Matt

    Monday, September 10, 2012 5:59 PM

Answers

All replies

  • Hi Matt!

    All Windows Azure instances running behind the load balancer on the different VM`s. And each of them must operate the same machineKey (it is used for VewState and Session State encryption). Thats why Azure emulator trying to change the Web.config when you run your app.

    Monday, September 10, 2012 10:14 PM
  • Hi Alex, thanks for the reply. 

    1.  Do you know if this was added in the 1.7 SDK?  I hadn't noticed this before.

    2.  How do I regenerate a new key?

    3.  Also, how is this handled when deploying to production in Azure?  Are machine key's coordinated automagically between web roles?  OR do we have to ensure we manually add a machine key to web.config before deployment?

    Thanks,

    Matt

    Tuesday, September 11, 2012 7:07 PM
  • Hi Mark!

    1. I am not sure when it was added, but I think it is implemented in much more earlier versions of SDK

    2. I do not understand why you may want to do this.

    3. Be sure, machine keys will be identicall across all Web Roles in your deployment. You do not need to manually manage it.

    Thanks,

    Alex

    Tuesday, September 11, 2012 10:16 PM
  • Alex, thanks very much for the helpful reply.

    One last question that you might know the answer to - why would the emulator modify the web.config file in my WebRole1 project, when it could use the transformed web.config file during runtime (in the obj directory).  It seems odd to me that my project's web.config gets modified (and must be checked out from source control).  Any ideas on this?

    Thanks again!

    Matt




    • Edited by OceanMorning Wednesday, September 12, 2012 1:39 AM
    Wednesday, September 12, 2012 1:36 AM
  • Currently this is by design. We don't use config file transformation. You can submit a feature suggestion on http://www.mygreatwindowsazureidea.com/forums/34192-windows-azure-feature-voting.
    Monday, September 24, 2012 9:41 AM