I have 2 web applications, one which produces a forms auth cookie, and another which manually decrypts that cookie. Both have identical machine keys in their web.config.
When the decrypting webapp tries to decrypt the cookie, it gets
Error occurred during a cryptographic operation.
I made a little console application which just takes the encrypted cookie string, and decodes it. This uses identical code to the decrypting webapp. The console application correctly decrypts the cookie.
This suggests to me that either the decryption key or algorithm is not correctly set in my decryption web application.
How can I check what decryption key and algorithm FormsAuthentication is actually using to confirm this?
Note: I've tried setting the compatibilityMode on machine key (as per ASP Website does not seem to use machineKey in Web.Config for FormsAuthentication.Decrypt).
