An exception was thrown while deserializing the token on Ubuntu

aspnet / Antiforgery

[Archived] AntiForgery token feature for ASP.NET Core. Project moved to https://github.com/aspnet/AspNetCore

Apache License 2.0

78 stars 40 forks source link

An exception was thrown while deserializing the token on Ubuntu #173

Closed dexterhussain closed 6 years ago

dexterhussain commented 6 years ago

We are developing a project using anti-forgery in dotnet core 2.0 . We are making this project on windows machine no redis nothing but as soon as I publish this to ubuntu it gives me these errors,

: Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgery[7] An exception was thrown while deserializing the token. System.InvalidOperationException: The antiforgery token could not be decrypted. ---> System.Security.Cryptography.CryptographicException: The payload was invalid.

dexterhussain commented 6 years ago

Gives no errors on Windows Development Machine

mkArtakMSFT commented 6 years ago

@dexterhussain, can you please share a project with a repro? @blowdart, any thoughts regarding this?

blowdart commented 6 years ago

Did you configure data protection yet? On linux there's no safe way for data protection to store keys, unlike on Windows, so you need to make a specific choice on how you want your keys saved.

Start with the file system, then layer an X509 certificate on top if you feel it's needed. https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?tabs=aspnetcore2x

aspnet-hello commented 6 years ago

This issue was moved to aspnet/Home#2409