I am trying to enable TLS 1.2 on our Windows 2008 R2 server for PCI compliance, and I managed to get it working by following this obscure blog post that requires the inclusion of FIPS validation. Finally, after several weeks of searching for a solution, a single click, remote interaction between .NET and MS Web Deploy exchange data via TLS 1.2.
However, I also have web applications on the machine that stopped working when I turned on FIPS checking with the following error:
This implementation is not part of the cryptographic Windows FIPS authentication algorithms.
Description: An unhandled exception occurred during the execution of the current web request. Check the stack trace for more information about the error and where it appeared in the code.
Exception Details: System.InvalidOperationException: This implementation is not part of the cryptographic algorithms verified by FIPS for the Windows Platform.
Source Error:
An unhandled exception was thrown during the execution of the current web request. Information about the origin and location of the exception can be identified using the exception stack trace below.
Stack trace:
[InvalidOperationException: , FIPS Windows Platform.] System.Security.Cryptography.RijndaelManaged..ctor() +10489630 System.Web.Configuration.MachineKeySection.ConfigureEncryptionObject() +439 System.Web.Configuration.MachineKeySection.EnsureConfig() +152 System.Web.Configuration.MachineKeySection.HashData(Byte [] buf, Byte [] modifier, Int32 start, Int32 length) +48 System.Web.Configuration.MachineKeySection.HashAndBase64EncodeString (String s) +136 System.Web.SessionState.OutOfProcSessionStateStore.OneTimeInit() +763 System.Web.SessionState.OutOfProcSessionStateStore.Initialize( , NameValueCollection) +223 System.Web.SessionState.OutOfProcSessionStateStore.Initialize( , NameValueCollection, IPartitionResolver partitionResolver) +43 System.Web.SessionState.SessionStateModule.InitModuleFromConfig( HttpApplication, SessionStateSection) +11279756 System.Web.SessionState.SessionStateModule.Init( HttpApplication) +155 System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext, MethodInfo []) +480 System.Web.HttpApplication.InitSpecial( HttpApplicationState, MethodInfo [], IntPtr, HttpContext) +336 System.Web.HttpApplicationFactory.GetSpecialApplicationInstance( , HttpContext IntPtr) +350 System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) +382
[HttpException (0x80004005): , FIPS Windows.] System.Web.HttpRuntime.FirstRequestInit( HttpContext) +11421094 System.Web.HttpRuntime.EnsureFirstRequestInit( HttpContext) +88 System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext) +4405316
: Microsoft.NET Framework : 2.0.50727.5485; ASP.NET: 2.0.50727.5491
ASP.NET , .
, , FIPS.
ASP.NET, ? .NET 3.5, ? , ?
. in-process session state, , cookie (, -, System.Security.Cryptography.RijndaelManaged). , ( ), AES , .