Solved

The antiforgery token could not be decrypted

  • 17 February 2023
  • 3 replies
  • 1856 views
Ann Degroat
Rank
Userlevel 4
Badge +12

I have a customer who is getting the below message and their non prod environment is unusable. Would they need to reach out to MS as this is a Microsoft exception?

 

Category: Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery
EventId: 7
SpanId: 0309bd647ee93dbb
TraceId: 4cefed6e1e4819386f968508f75281dc
ParentId: 0000000000000000
RequestId: 8000006e-0001-c000-b63f-84710c7967bb
RequestPath: /FSMCRP/WebClient/
ActionId: 409bced6-9d2e-4714-9d82-c18a59db81bc
ActionName: FSM.WebClient.Server.Controllers.HomeController.Index (FSM.WebClient)

An exception was thrown while deserializing the token.

Exception: 
Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted.
 ---> System.Security.Cryptography.CryptographicException: The key {accf16bb-cd1f-4afc-ad53-f12920cef1ca} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
   --- End of inner exception stack trace ---
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)

icon

Best answer by roklde 24 February 2023, 09:19

View original
Ann DeGroat

3 replies

roklde
Rank
Userlevel 6
Badge +23

Hi Ann,

can you please provide more details, e.g. environment setup / architecture details, load balancing in-place?

I saw this error once for a customer who had load balancing. Basically, it might be related to the load balancer configuration (persistency?) and eventually incorrect configured FSM endpoints.
 

Best regards
Roman

Ann Degroat
Rank
Userlevel 4
Badge +12

@roklde they do have load balancing in place, that I know for sure. I have also asked the customer if they could do a comparison of their OS level and .Net version from their CRP environment that is having the issue against an environment that is working properly. 

Ann DeGroat
roklde
Rank
Userlevel 6
Badge +23

@Ann Degroat they need to make sure that the recommendations for load balanced environments are implemented as described in the Installation guide:
 

Especially, the last point is crucial to avoid any issues with user sessions.

Best regards
Roman

Reply


Terms & ConditionsCookie settings