I work for a .gov agency that is tightening up security policies on all workstations.
The new policy enables FIPS.
You can not run Visual Studio web applications in debug mode in VS when FIPS has been enabled.
This is effecting VS2005 and VS2008.
When you have debug="true" in the web.config file every single aspx page generates the following error
"Parser Error Message: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms."
With line 1 of the ASPX page highlighted. I attached images of my source code and the error generated.
I found a similar question here, under server software :confused: and the answer said to make some changes to the DEVENV.EXE.CONFIG file. But it wasn't very clear as to how exactly to make the changes.
I attempted to ask to expand upon the answer in that same thread and it forced me to create a new question.
The solution was was to "add the tag <enforceFIPSPolicy enabled = 0> to the runtime section" of the devenv.exe.config file. But after adding the <enforceFIPSPolicy enabled=0 />
tag I get the following error when I try and run VS 2008
"This application has failed to start because the application configuration is incorrect"
Where exactly between the runtime tags are you inserting the new tag? I have tried before <assemblyBinding>, after </assemblyBinding>, and inside assemblyBinding before the first <probing>
There is a similar question and solution on the asp.net forums. In it someone responded that Microsoft knows about the issue and the bug has been marked as closed.
I also found an MSDN article that mentions adding the following to the web.config file.
Adding this to the web.config made no difference, still generated the error.
The only way to view the page on the local workstation within the ASP.NET Development Server is to set debug to false in the web.config. Obviously this makes it pretty difficult to debug my application ;)
Turning off FIPS on our workstations is not an option. This is a directive from on high and getting an exception to policy will probably involve testifying before congress.
<assemblyIdentity name="Microsoft.Build.Framework" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
<bindingRedirect oldVersion="0.0.0.0-22.214.171.124" newVersion="126.96.36.199"/>
<assemblyIdentity name="EnvDTE" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
<bindingRedirect oldVersion="7.0.3300.0" newVersion="188.8.131.52"/>