help.axcms.netAxinom Logo
Save Save Chapter Send Feedback
KB10052: CryptographicException: Padding is invalid and cannot be removed
This exception is thrown if a new encryption key is generated due to appliaction pool recycling and view state cannot be decrypted. A solution is to set up a fixed machineKey.


The following exception is thrown:

System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed.
   at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
   at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
   at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
   at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo)
   at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType)
   at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) 


This exception occurs when Application Pool is recycled. After reload there is a new encryption key, which makes decrypting of the view state impossible.

This is ASP.NET behaviour and has nothing to do with


You can set a fixed machine key to prevent a new one being generated. You can create it yourself or generate using a machinekey generator.

In the web.config it looks like this:


This step is even more important if you are using a web farm.