I am using WIF 4.0 to build a claims aware RP and STS. I am having issues now that I have deployed to my production environment with multiple servers hosting the application. For some reason I get the dreaded
[CryptographicException: Key not valid for use in specified state. ]error after the user has been idle for some time. I was wondering if anyone has experience with this? Would using the Machine Key help? I am also seeing this error when resetting IIS on the servers. I have set the LoadUserProfile to true.