
I'm creating a new asp.net core 2 website that's using data protection as per this article. As a first pass I created this without protecting the keys (since we're not in production yet) e.g.

public void ConfigureServices(IServiceCollection services)
{
    services.AddDataProtection()
        .PersistKeysToFileSystem(new DirectoryInfo(@"\\server\share\directory\"));
}

As expected this generated unprotected keys in our test environment. Next, I added the ProtectKeysWithCertificate extension so that all newly generated keys are encrypted e.g.

public void ConfigureServices(IServiceCollection services)
{
    services.AddDataProtection()
        .PersistKeysToFileSystem(new DirectoryInfo(@"\\server\share\directory\"))
        .ProtectKeysWithCertificate("thumbprint");
}

The problem I have however is exactly that ... it's only encrypting new keys. It's happily using the original non-encrypted key as it's never been revoked and its expiry is months in the future.

Is there a way for asp.net to detect that the configuration of Data Protection has changed and for it to generate a new key?

This article suggests making a call to IKeyManager.CreateNewKey if we need settings to kick in before the scheduled rolling time, but I don't want that to happen every time the app starts.

As I said this hasn't gone to production yet so I do have the fall back option of manually removing the keys from our test environment but am curious to know if there is another way.
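One way to get the "detect that the configuration changed" behaviour without calling CreateNewKey on every start is to inspect the persisted key ring at startup and act only when a live key was written before ProtectKeysWithCertificate was enabled. The check below is an added example, not code from the question or from ASP.NET Core itself. It relies on the on-disk key format that PersistKeysToFileSystem writes (key-{id}.xml files whose descriptor carries a plaintext masterKey marked requiresEncryption="true" when no key encryptor was configured, and an encryptedSecret element in its place once one is). The share path, the certificate thumbprint placeholder and the 90-day lifetime of the replacement key are assumptions taken from the snippets above and from the Data Protection default key lifetime.

```csharp
// Added example (not from the original question): on startup, find live keys whose
// descriptor was persisted in plaintext, and only in that case revoke them and create
// one fresh key that the configured certificate encryptor will protect.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Xml.Linq;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.DataProtection.KeyManagement;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    // Assumption: same share as passed to PersistKeysToFileSystem in the question.
    private static readonly DirectoryInfo KeyDirectory =
        new DirectoryInfo(@"\\server\share\directory\");

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddDataProtection()
            .PersistKeysToFileSystem(KeyDirectory)
            .ProtectKeysWithCertificate("thumbprint"); // placeholder thumbprint
    }

    // IKeyManager is registered by AddDataProtection and can be injected into Configure.
    public void Configure(IApplicationBuilder app, IKeyManager keyManager)
    {
        HashSet<Guid> plaintextIds = FindUnprotectedKeyIds(KeyDirectory);

        // Only keys that the key ring could still pick as default matter.
        var staleKeys = keyManager.GetAllKeys()
            .Where(k => !k.IsRevoked && k.ExpirationDate > DateTimeOffset.UtcNow)
            .Where(k => plaintextIds.Contains(k.KeyId))
            .ToList();

        if (staleKeys.Count == 0)
            return; // every live key is already encrypted at rest: nothing to roll

        foreach (IKey key in staleKeys)
        {
            // Revocation means payloads (e.g. auth cookies) protected with this key
            // will no longer unprotect; acceptable here because the key was on disk in the clear.
            keyManager.RevokeKey(key.KeyId, "persisted before ProtectKeysWithCertificate was enabled");
        }

        // Activate immediately so this instance (and, once their cache refreshes, any
        // sibling apps sharing the key ring) switches to the certificate-protected key.
        DateTimeOffset now = DateTimeOffset.UtcNow;
        keyManager.CreateNewKey(activationDate: now, expirationDate: now.AddDays(90));
    }

    // Returns the ids of key files whose descriptor still contains an element marked
    // requiresEncryption="true" and no encryptedSecret wrapper, i.e. a plaintext master key.
    public static HashSet<Guid> FindUnprotectedKeyIds(DirectoryInfo dir)
    {
        XNamespace dp = "http://schemas.asp.net/2015/03/dataProtection";
        var result = new HashSet<Guid>();

        foreach (FileInfo file in dir.EnumerateFiles("key-*.xml"))
        {
            XDocument doc = XDocument.Load(file.FullName);
            XElement descriptor = doc.Root?.Element("descriptor");
            if (descriptor == null)
                continue;

            bool hasEncryptedSecret = descriptor.Descendants("encryptedSecret").Any();
            bool hasPlaintextSecret = descriptor.Descendants()
                .Any(e => (string)e.Attribute(dp + "requiresEncryption") == "true");

            if (hasPlaintextSecret && !hasEncryptedSecret
                && Guid.TryParse((string)doc.Root.Attribute("id"), out Guid id))
            {
                result.Add(id);
            }
        }
        return result;
    }
}
```

Because the check is driven by what is actually on disk, a restart after the roll finds no plaintext live key and does nothing, so CreateNewKey is called once per configuration change rather than on every start. Deleting the old key files by hand, as the question mentions, achieves the same end state; the difference is that revocation leaves an auditable record in the key ring of why the key stopped being used.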

  • More an idea than an answer: if you used a new random Guid for the application name on startup (`.SetApplicationName(Guid.NewGuid().ToString())`), shouldn't that trigger new keys every time? – Camilo Terevinto Feb 02 '18 at 11:18
  • @CamiloTerevinto ... in this case I can't do that. Eventually we will be sharing the auth cookie so the other site would need to know the same Guid. – Gavin Sutherland Feb 02 '18 at 11:24
