New-MgmtSvcMachineKey
Creates a machine key element.
Syntax
New-MgmtSvcMachineKey
[-Validation <String>]
[-Decryption <String>]
[-DecryptionKeySize <Int32>]
[-Base64]
[<CommonParameters>]
Description
The New-MachineKey cmdlet creates a <machineKey> configuration element for use in the web.config file. The Initialize-MgmtSvcFeature cmdlet calls this cmdlet to generate the initial keys stored during configuration.
A machine key can be a validation key to confirm the integrity of data, or a decryption key to encrypt or decrypt forms authentication data. This cmdlet generates a value in memory. It is recommended that you periodically rotate the machine keys. For example, once per year.
Examples
Example 1: Create a machine key
PS C:\>([xml](New-MgmtSvcMachineKey)).OuterXml
This command creates a machine key configuration element by using the Hash-based Message Authentication Code (HMAC) SHA256 (HMACSHA256) for validation and the Advanced Encryption Standard (AES) encryption method for decryption.
Parameters
-Base64
Indicates that the validation and decryption values are Base64 encoded.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Decryption
Specifies an algorithm to encrypt and decrypt forms authentication data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DecryptionKeySize
Specifies a key size, in bits, of the algorithm used to encrypt and decrypt forms authentication data.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Validation
Specifies a hash algorithm used to validate data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |