locked
Machine Keys RRS feed

  • Question

  • Is there a way to re-generate machine keys for Windows Server 2012 R2 for Web Servers running IIS, and database servers where IIS is not installed?

    I found the setting in IIS Manager on Machine Key, where you can generate new keys, but is this actually stored somewhere, if so where?

    Running Windows Server 2012 R2 with IIS8.5 and Windows Server 2012 R2 with SQL Server 2012 SP3

    We need to  provide info to our security auditors to explain how we reset keys when their is suspicion that the key has been compromised.

    Any information would be appreciated.

    DJ

    Tuesday, December 27, 2016 11:47 PM

All replies

  • Hi,

    >>Is there a way to re-generate machine keys for Windows Server 2012 R2 for Web Servers running IIS, and database servers where IIS is not installed?

    I found the setting in IIS Manager on Machine Key, where you can generate new keys, but is this actually stored somewhere, if so where?

    1.Delete the exist Machinkey,and generate again.

    2.Machine key stores as follow path:

    %ALLUSERSPROFILE%\Application Data\Microsoft\Crypto\RSA\MachineKeys

    %ALLUSERSPROFILE%\Application Data\Microsoft\Crypto\DSS\MachineKeys


    Best Regards,
    Cartman
    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, December 28, 2016 6:14 AM
  • Hi,

    I am checking to see if the problem has been resolved. If there's anything you'd like to know, don't hesitate to ask.


    Best Regards
    Cartman
    Please remember to mark the replies as an answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Tuesday, January 3, 2017 6:56 AM