.net Core web application using DataProtection with redis as storage provider

See original GitHub issue

Hi guys,

I have a .net core 2.0 web api project which is deployed as AWS Lambda using data protection with redis as storage provider. I followed the article https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?tabs=aspnetcore2x to set up. I also use x.509 certificate for the key encryption. However I always get the below errors during the startup.

Some code for the set up

X509Certificate2 cert = new X509Certificate2(Convert.FromBase64String(certificate), certPassword);
var redis = ConnectionMultiplexer.Connect(dpRedisConStr);
services.AddDataProtection()
             .PersistKeysToRedis(redis)
             .ProtectKeysWithCertificate(cert);

[Error] Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager: An exception occurred while processing the key element ‘<key id="a0604cb3-8f04-43f0-a9eb-a2ed5138a486" version="1" />’.

[Warning] Microsoft.AspNetCore.DataProtection.KeyManagement.DefaultKeyResolver: Key {a0604cb3-8f04-43f0-a9eb-a2ed5138a486} is ineligible to be the default key because its CreateEncryptor method failed.

Can anyone give some advice?

Cheers

Jason

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:23 (9 by maintainers)

github_iconTop GitHub Comments

1reaction
jasondaicodercommented, Mar 18, 2018

@natemcmaster , looks like setting the HOME directory to /tmp resolved the problem.

Thanks guys.

0reactions
jasondaicodercommented, Mar 25, 2018

It would be scoped to just the cookie options. If you don’t set it manually, the cookie protector defaults to the application-wide protection provider.

Yep, noticed. And the solution you gave actually works. Thanks.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Key storage providers in ASP.NET Core
StackExchangeRedis package allows storing data protection keys in a Redis cache. Keys can be shared across several instances of a web app.
Read more >
.net Core web application using DataProtection with redis ...
Hi guys, I have a .net core 2.0 web api project which is deployed as AWS Lambda using data protection with redis as...
Read more >
How to distribute Data Protection keys with an ASP.NET ...
DataProtection.StackExchangeRedis package allows you to store data protection keys in a Redis cache backed by a list entry. This list entry will be...
Read more >
Configure ASP.NET Core Data Protection
Learn how to configure Data Protection in ASP.NET Core. ... If you use Azure Blob Storage, only the web app should have the...
Read more >
Redis Key Storage Provider
By using the Steeltoe Redis key storage provider, you can reconfigure the data protection service to use Redis on Cloud Foundry for storage....
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found