We have the IIS Crash/Hang agent installed on the production IIS servers. It seems to record quite a lot of start/stop events. Do these imply that something is really happening? if so, what other events should I be looking for to correlate? I don't see anything that looks significant except possibly for an ASP .NET event that's pretty much "invalid session id"
Our production servers all have the same machine key. However, our production and development systems do not have identical machine keys. We get heaps (about one per second) of exceptions of the form
System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed.
at System.Security.Cryptography.RijndaelManagedTransform.DecryptData()
at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock()
at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData()
at System.Web.UI.Page.DecryptStringWithIV()...
We deploy the code after a build, .cs source is not present on production. aspx files are present on production.
(Should I have posted in Stack Overflow? It's not a coding question.)
From experimentation, we've found using the dev machine key value causes the exceptions to go away. Does anyone have documentation that I can use with the security team on the need for identical keys at compile and deployment time?