This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms

Wednesday, September 26, 2012  Muthu Nadar  No comments

Actually, this issue is not caused by IIS, the problem occurs when the following conditions are true:
  • The HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\fipsalgorithmpolicy registry subkey is set to 1.
  • ASP.NET 2.0 uses the RijndaelManaged implementation of the AES algorithm when it processes view state data. The ReindaelManaged implementation has not been certified by the National Institute of Standards and Technology (NIST) as compliant with the Federal Information Processing Standard (FIPS). Therefore, the AES algorithm is not part of the Windows Platform FIPS validated cryptographic algorithms.
To work around this problem, change the configuration in the application-level Web.config file. Specify that ASP.NET use the Triple Data Encryption Standard (3DES) algorithm to process view state data. To do this, follow these steps:
  1. In a text editor such as Notepad, open the application-level Web.config file.
  2. In the Web.config file, locate the <system.web> section.
  3. Add the following <machineKey> section to in the <system.web> section: <machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps" validation="3DES" decryption="3DES"/>
  4. Save the Web.config file.
  5. Restart the Microsoft Internet Information Services (IIS) service. To do this, run the following command at a command prompt: iisreset
After doing this also if it is not working then set the subkey HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\fipsalgorithmpolicy value to 0



Reference: Muthukumar (http://nadarmuthukumar.blogspot.in), ref
Hope you liked this and let me know your thoughts on post through your comments :)

Posted in: ,,,

0 comments:

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More