Please refer to the following link that mentions the key pair being generated by .Net in the "machineKey" folder when aspose tries to verify the license file. Can this mechanism of Apspose be looked into, so the Aspose uses its own public/private keys to circumvent the crypto providers key generation?
Aspose.Word tries to verify a digital signature on a license file and instantiates a .NET crypto provider. There is a behaviour (maybe a bug) in .NET in that the crypto provider always generates a key pair in its constructor. This is very inefficient behavior from .NET because Aspose.Word does not need a new key since it has a public key that it will use to verify the license, but nothing can be done to avoid the crypto provider generating a key every time.
The key pair created by the crypto provider is normally stored in a user profile, but an ASP.NET application usually runs under the ASPNET user account and this account does not have a user profile loaded. Therefore Aspose.Word instructs the crypto provider to store the key in the machine-wide key storage (recommended by Microsoft in this situation for any ASP.NET application).
For the .NET crypto provider to be able to store the key in the machine-wide, the above mentioned folder MachineKeys folder must exist and the ASPNET account must have permissions to write to it.
Please note this requirement is not specified to Aspose.Word, it is general for any ASP.NET application trying to use encryption algorithms provided by .NET that employ public/private key pairs.