New-MgmtSvcMachineKey

Creates a machine key element.

Syntax

New-MgmtSvcMachineKey
   [-Validation <String>]
   [-Decryption <String>]
   [-DecryptionKeySize <Int32>]
   [-Base64]
   [<CommonParameters>]

Description

The New-MachineKey cmdlet creates a <machineKey> configuration element for use in the web.config file. The Initialize-MgmtSvcFeature cmdlet calls this cmdlet to generate the initial keys stored during configuration.

A machine key can be a validation key to confirm the integrity of data, or a decryption key to encrypt or decrypt forms authentication data. This cmdlet generates a value in memory. It is recommended that you periodically rotate the machine keys. For example, once per year.

Examples

Example 1: Create a machine key

PS C:\>([xml](New-MgmtSvcMachineKey)).OuterXml

This command creates a machine key configuration element by using the Hash-based Message Authentication Code (HMAC) SHA256 (HMACSHA256) for validation and the Advanced Encryption Standard (AES) encryption method for decryption.

Optional Parameters

-Base64

Indicates that the validation and decryption values are Base64 encoded.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Decryption

Specifies an algorithm to encrypt and decrypt forms authentication data.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DecryptionKeySize

Specifies a key size, in bits, of the algorithm used to encrypt and decrypt forms authentication data.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Validation

Specifies a hash algorithm used to validate data.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False