Skip to main content

Specifying Machine Keys with Windows Azure SDK 1.3

Posted on 7 December, 2010

One of the new features introduced in Windows Azure SDK 1.3 is the ability to host web roles under full IIS (instead of Hosted Web Core, as in previous SDK releases). Among other things, full IIS allows customers to host multiple web sites in a single web role. To support multiple web sites, a change was made in SDK 1.3 to set the machineKey element on a per-web-site basis rather than a per-machine basis. This had the unfortunate side effect of overwriting any site-level machineKey elements already specified in web.config.

A new MSDN topic, “Top Windows Azure Support Issues” includes information about this issue, among others. It describes a workaround:

In prior releases, the user could provide an explicit machine key by specifying the machineKey element in the site’s web configuration file.  Explicit site-level configuration would override the automatic machine-level configuration.

In the SDK 1.3 release, automatic configuration occurs at the site-level, overriding any user-supplied value.

A workaround is to programmatically update the site-level configuration during role instance start-up.

If you rely on specifying your own machine keys (e.g., if you use a membership provider which encrypts and hashes passwords), please read and apply the workaround, which includes full source code.