Are you using multiple CD Servers architecture (Sitecore
Web Farm)? Have you checked the machine key across the CD servers?
Are you using any below functionality in your solution?
- __VIEWSTATE
- forms authentication tickets,
- MVCs anti-forgery tokens,
- and other services which use machine key
- any encryption/decryption using machine key
All the above
functionality is machine key dependent.
And if your machine key
is not sync across the multiple CD servers, then you might face some below problem.
- Sometimes login failed (during password encryption/decryption)
- Server Error in '/' Application.Validation of viewstate MAC failed. If this application is hosted by a web farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.
These error still coming
after enabled the affinity in the load balancer
Load balancer- sticky session
(affinity) helps to ensure that any
given client only interacts with one physical server behind the load balancer
so that all cryptographic payloads will be both generated by and consumed by
the same server.
But sometimes most load
balancers will redirect the client to a different physical server if the
original server to which the load balancers were affinitized goes offline. This causes the new server to
reject cryptographic payloads. That the client currently has.
We faced the same issue "Validation of viewstate MAC failed error" in log file.
and also faced some cryptography error because we used some machine key depended algorithms in the project.
NOTE: we used sticky session in load balancer, but one of our server went down
frequently and we didn't set the machine key in the web config. so this is the root cause of all problems
Solution: Sync the machine key across the CD servers:
Generate <machineKey>
element for separate web config application:
By using IIS
- Open your IIS Manager from Administrative tool -> Internet Information Services Manager.
- In Connection pane on left side of window, click on the website.
Place these key in webconfig for each CD server
application
<?xml version="1.0"
encoding="UTF-8"?>
<configuration>
<system.web>
<machineKey decryptionKey="F6722806843145965513817CEBDECBB1F94808E4A6C0B2F2,IsolateApps" validationKey="C551753B0325187D1759B4FB055B44F7C5077B016C02AF674E8DE69351B69FEFD045A267308AA2DAB81B69919402D7886A6E986473EEEC9556A9003357F5ED45,IsolateApps" />
</system.web>
</configuration>
<configuration>
<system.web>
<machineKey decryptionKey="F6722806843145965513817CEBDECBB1F94808E4A6C0B2F2,IsolateApps" validationKey="C551753B0325187D1759B4FB055B44F7C5077B016C02AF674E8DE69351B69FEFD045A267308AA2DAB81B69919402D7886A6E986473EEEC9556A9003357F5ED45,IsolateApps" />
</system.web>
</configuration>
Sitecore Always Recommended to keep the same machine key in web config across the multiple CD servers environment
I hope this article will help you!!
Happy Sitecore :)
Happy Sitecore :)