IISCngProvider not synchronized in Dealing With Machine-specific Encrypted Properties

[lukaszherman]

Starting from IIS 10 properties encryption changed. Since then IISCngProvider is used and you cannot synchronize setting between different web servers using method in article.

Command aspnet_regiis -px "iisConfigurationKey" "D:\iisConfigurationKey.xml" -pri is not exporting IISCngProvider keys. After importing keys on second server application pools cannot read app pool credentials.

Topic was disscused on https://forums.iis.net/t/1234755.aspx?Shared+configuration+with+IIS+10+Windows+2016+and+IISCngProvider+IISWASOnlyCngProvider and https://forums.iis.net/t/1235576.aspx?+IIS+10+Shared+Configuration

And it's still the issue.

The only workaround is to export configuration using GUI and then import it using GUI. No so elegant way if you have 100s of IIS servers in a farm...