I have set up a database for development that is available on the local network. I implemented the Data Protection API to encrypt some of the sensitive information of my models (Entity Framework) before saving it to the database. In Startup I configured it like this:
var keysfolder = Path.Combine(Environment.ContentRootPath, "Keys");
services.AddDataProtection()
.PersistKeysToFileSystem(new DirectoryInfo(keysfolder));
The key is in the folder, not protected, and shared in the repository because it is only for test data. I can access the data in my app on 2 different Linux machines, but on one Windows PC I get an Invalid Payload exception. They share the same commit and use the same purpose strings. So I must have failed to understand it. I thought that I could back up the keys and the database in production and redeploy, if necessary, on a different machine without losing the data. Can anybody explain why I can't use the key on the Windows PC?
I have a solution to this problem. I found the answer here: https://techcommunity.microsoft.com/t5/iis-support-blog/system-security-cryptography-cryptographicexception-the-payload/ba-p/1919096
You have to call SetApplicationName when registering DataProtection:
services.AddDataProtection()
.SetApplicationName("MyApp")
.PersistKeysToFileSystem(new DirectoryInfo(keysfolder));
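
The effect described in the answer, as an added console example (not code from the original posts or the linked article): two providers share one key folder and purpose string, and only the one with the same application name can unprotect the payload. When no name is set, ASP.NET Core uses the content root path as the discriminator, so hosts with different paths end up in the second case. The key folder, purpose string and "OtherApp" name are constructed for the demo.

```csharp
// Added example. Requires the NuGet package
// Microsoft.AspNetCore.DataProtection.Extensions.
using System;
using System.IO;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;

// Constructed scratch folder standing in for the shared "Keys" directory.
var keysFolder = new DirectoryInfo(Path.Combine(Path.GetTempPath(), "dp-demo-keys"));
const string purpose = "Models.SensitiveField"; // hypothetical purpose string

// Build a provider over the shared key folder with an explicit application name.
static IDataProtectionProvider Build(DirectoryInfo keys, string appName) =>
    DataProtectionProvider.Create(keys, b => b.SetApplicationName(appName));

// "Machine A" protects a value.
var writer = Build(keysFolder, "MyApp").CreateProtector(purpose);
string payload = writer.Protect("constructed secret value");

// "Machine B": same keys, same purpose, same application name -> readable.
var sameName = Build(keysFolder, "MyApp").CreateProtector(purpose);
Console.WriteLine($"same name:      {sameName.Unprotect(payload)}");

// Same keys and purpose, different application name: stands in for two hosts
// whose default discriminator (content root path) differs.
var otherName = Build(keysFolder, "OtherApp").CreateProtector(purpose);
try
{
    otherName.Unprotect(payload);
    Console.WriteLine("different name: unexpectedly readable");
}
catch (CryptographicException ex)
{
    // The key is found in the key ring, but payload validation fails.
    Console.WriteLine($"different name: {ex.GetType().Name}: {ex.Message}");
}
```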