Saturday, August 27, 2016

Set Machine Key in Sitecore CD Server’s



Are you using multiple CD Servers architecture (Sitecore Web Farm)? Have you checked the machine key across the CD servers?

Are you using any below functionality in your solution?
  • __VIEWSTATE
  • forms authentication tickets,
  • MVCs anti-forgery tokens,
  • and other services which use machine key
  • any encryption/decryption using machine key


All the above functionality is machine key dependent.

And if your machine key is not sync across the multiple CD servers, then you might face some below problem.
  • Sometimes login failed (during password encryption/decryption)
  • Server Error in '/' Application.Validation of viewstate MAC failed. If this application is hosted by a web farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster. 

These error still coming after enabled the affinity in the load balancer

Load balancer- sticky session (affinity) helps to ensure that any given client only interacts with one physical server behind the load balancer so that all cryptographic payloads will be both generated by and consumed by the same server.

But sometimes most load balancers will redirect the client to a different physical server if the original server to which the load balancers were affinitized goes offline. This causes the new server to reject cryptographic payloads. That the client currently has.

We faced the same issue "Validation of viewstate MAC failed error" in log file. 
and also faced some cryptography error because  we used some machine key depended algorithms in the project.

NOTE: we used sticky session in load balancer, but one of our server went down frequently and we didn't set the machine key in the web config. so this is the root cause of all problems 

Solution: Sync the machine key across the CD servers:

Generate <machineKey> element for separate web config application:
By using IIS
  • Open your IIS Manager from Administrative tool -> Internet Information Services Manager.
  • In Connection pane on left side of window, click on the website.










Place these key in webconfig for each CD server application



<?xml version="1.0" encoding="UTF-8"?> 
<configuration> 
    <system.web> 
        <machineKey decryptionKey="F6722806843145965513817CEBDECBB1F94808E4A6C0B2F2,IsolateApps" validationKey="C551753B0325187D1759B4FB055B44F7C5077B016C02AF674E8DE69351B69FEFD045A267308AA2DAB81B69919402D7886A6E986473EEEC9556A9003357F5ED45,IsolateApps" /> 
    </system.web> 
</configuration>


Sitecore Always Recommended to keep the same machine key in web config across the multiple CD servers environment 

I hope this article will help you!!

Happy Sitecore :)