I have encrypted the section of my web.config using a machine level RSA key container. Worked great, BUT, when I deployed my web application to the team, I quickly discovered that using...
<sessionState mode="InProc" timeout="20" />
...was not saving the session variables between users. I found the solution to change the above to...
<sessionState mode="StateServer" stateConnectionString="tcpip=localhost:42424" cookieless="false" timeout="20" />
...which fixed the session variable issue but that resulted in "The RSA key container could not be opened" error when it attempted to read the encrypted section.
I read that the following "should" fix the issue:
aspnet_regiis -pa RSAProviderName "IIS APPPOOL[youapppoolname]" -full
...but it didn't.
