If I have the DecryptionKey and ValidationKey set to AutoGenerate in the machineKey section of the machine.config, how do i look up from .NET the actual generated keys which have been created?
We wish to use the same keys to encrypt and validate our own cookies.
Any clues/tips gratefully received.
I know this doesn't answer your question but to encrypt and validate your own cookies you don't need to know the actual values of the DecryptionKey and the ValidationKey. Just use Encrypt and Decrypt methods:
var ticket = new FormsAuthenticationTicket(
1,
"username",
DateTime.Now,
DateTime.Now.AddMinutes(10),
false,
"some user data");
string encryptedTicked = FormsAuthentication.Encrypt(ticket);
// TODO: use the encrypted ticket in a cookie
Using AutoGenerate will just cause you grief as you, or rather your users, will too often encounter exceptions. Between the time when the data was encrypted and when it's decrypted the keys can and will change (application restart via app pool recycle, Web.config touched, etc.).