New-MgmtSvcMachineKey

Creates a machine key element.

Syntax

New-MgmtSvcMachineKey [-Base64] [-Decryption <String>] [-DecryptionKeySize <Int32>] [-Validation <String>]
 [<CommonParameters>]

Description

The New-MachineKey cmdlet creates a <machineKey> configuration element for use in the web.config file.
The Initialize-MgmtSvcFeature cmdlet calls this cmdlet to generate the initial keys stored during configuration.

A machine key can be a validation key to confirm the integrity of data, or a decryption key to encrypt or decrypt forms authentication data.
This cmdlet generates a value in memory.
It is recommended that you periodically rotate the machine keys.
For example, once per year.

Examples

Example 1: Create a machine key

PS C:\>([xml](New-MgmtSvcMachineKey)).OuterXml
This command creates a machine key configuration element by using the Hash-based Message Authentication Code (HMAC) SHA256 (HMACSHA256) for validation and the Advanced Encryption Standard (AES) encryption method for decryption.

Parameters

-Base64

Indicates that the validation and decryption values are Base64 encoded.

Type:SwitchParameter
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-Decryption

Specifies an algorithm to encrypt and decrypt forms authentication data.

Type:String
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-DecryptionKeySize

Specifies a key size, in bits, of the algorithm used to encrypt and decrypt forms authentication data.

Type:Int32
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-Validation

Specifies a hash algorithm used to validate data.

Type:String
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False