Skip to main content

I have a customer who is getting the below message and their non prod environment is unusable. Would they need to reach out to MS as this is a Microsoft exception?

 

Category: Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery
EventId: 7
SpanId: 0309bd647ee93dbb
TraceId: 4cefed6e1e4819386f968508f75281dc
ParentId: 0000000000000000
RequestId: 8000006e-0001-c000-b63f-84710c7967bb
RequestPath: /FSMCRP/WebClient/
ActionId: 409bced6-9d2e-4714-9d82-c18a59db81bc
ActionName: FSM.WebClient.Server.Controllers.HomeController.Index (FSM.WebClient)

An exception was thrown while deserializing the token.

Exception: 
Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted.
 ---> System.Security.Cryptography.CryptographicException: The key {accf16bb-cd1f-4afc-ad53-f12920cef1ca} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte(] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Bytec] protectedData)
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
   --- End of inner exception stack trace ---
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)

Hi Ann,

can you please provide more details, e.g. environment setup / architecture details, load balancing in-place?

I saw this error once for a customer who had load balancing. Basically, it might be related to the load balancer configuration (persistency?) and eventually incorrect configured FSM endpoints.
 

Best regards
Roman


@roklde they do have load balancing in place, that I know for sure. I have also asked the customer if they could do a comparison of their OS level and .Net version from their CRP environment that is having the issue against an environment that is working properly. 


@Ann Degroat they need to make sure that the recommendations for load balanced environments are implemented as described in the Installation guide:
 

Especially, the last point is crucial to avoid any issues with user sessions.

Best regards
Roman


Reply