![\"image\"](\"https:\/\/license.citruslime.com\/cs\/blogs\/crmcs\/image_0E5FED03.png\" "\\"image\\"")
<\/figure>\n\n\n\nThis is due to the way that the View State may be being generated against one Web Server using a particular Encryption Key and then reposted to a different Web Server that is using a separate and different Encryption Key \u2013 leading to an error between the two different Encryption Keys as the key in use at the Client may not match the Key at the Server in this Load Balancing arrangement.<\/p>\n\n\n\n
In effect, giving us the following scenario:<\/p>\n\n\n\n
1. User accesses Webpage via Web Server A<\/strong> \u2013 receives Encryption Key from A<\/p>\n\n\n\n 2. User posts back Webpage to Web Server A<\/strong> \u2013 with Web Server A validating the Encryption Key correctly \u2013 no error to the user<\/p>\n\n\n\n 3. User posts back the Webpage again, and the Load Balancing \/ Web Farm directs the Request to Web Server B<\/strong> instead \u2013 Web Server B then tries to decrypt the Viewstate using it\u2019s own Encryption Key, finds the difference between Key A and Key B and so throws this error \u2013 user is then presented with the error<\/p>\n\n\n\n The resolution to this is similar to ensuring Session State is consistent when using Load Balancers and Web Farms \u2013 ensuring that a common Encryption Key exists between both Servers A and B, giving us a single key that both A and B use to manage Viewstate to make which Server the User is requesting from irrelevant.<\/p>\n\n\n\n How do we do this?<\/strong><\/p>\n\n\n\n To put this common key in place, we need to run through two steps:<\/p>\n\n\n\n 1. Generate the Key \u2013 we access Powershell on the selected Server and run the following command:<\/p>\n\n\n\n Generate-MachineKey<\/strong><\/p>\n\n\n\n This will generate a new Encryption Key in the form that can be used in our Web Application.<\/p>\n\n\n\n <machineKey decryption=”AES” decryptionKey=”ABC” validation=”SHA1″ validationKey=”DEF” \/><\/strong><\/p>\n\n\n\n 2. Insert this key into our Web Application \u2013 we then need to access the Web.Config on each of our Load Balanced Web Servers and add the <machineKey> tag into the configuration under the <system.web> section:<\/p>\n\n\n\n <configuration><\/strong><\/p>\n\n\n\n <system.web><\/strong><\/p>\n\n\n\n <machineKey decryption=”AES” decryptionKey=”ABC” validation=”SHA1″ validationKey=”DEF” \/><\/strong><\/p>\n\n\n\n The key here being to ensure that each Server is using the same \u2018decryptionKey\u2019 and \u2018encryptionKey\u2019 as generated by the Powershell.<\/p>\n\n\n\n With these two steps in place, the Web Servers should share the same Encryption Key for Viewstate and so this error should no longer occur.<\/p>\n\n\n\n Further Reading<\/strong><\/p>\n\n\n\n This encryption of ViewState is a common part of the ASP.Net Framework and so have many articles and useful reading across the web, particularly from Microsoft and MSDN. The links below give a more detailed set of information on this topic.<\/p>\n\n\n\n Resolving View State Message Authentication Code (MAC) errors<\/strong><\/p> https:\/\/support.microsoft.com\/en-us\/kb\/2915218#bookmark-appendixa<\/strong><\/a><\/strong><\/p><\/blockquote>\n\n\n\n Machine Key Element in ASP.NET<\/strong><\/p>