发表新帖
发表新帖

encrypting web.config failed error

后端 未结
关注
9 1123
囚心锁ツ
囚心锁ツ 2021-02-18 13:18

I know that ppl have already asked questions regarding encrypting web.config.

im also trying to encrypt my test config file, but im getting this error.

aspnet_re

9条回答
  • 心在旅途
    心在旅途 (楼主)
    2021-02-18 13:39

    Encrypt/Decrypt web.config

    • source is taken from this link https://mywebanecdotes.com/2016/09/17/encrypting-credentials-in-app-config-for-multiple-machines/
    • Firstly, if you have App.config, you need to rename to Web.config. And when done rename it back. This is because aspnet_regiis.exe recognize only Web.config file.
    • Then create a custom attribute SecuredSettings(any name is fine) either in you App.config or Web.config file.
    • In C# you can retrieve these values as you would do it normally. eg:
    var attr = ConfigurationManager.GetSection("SecuredSettings") as NameValueCollection;
var value = attr["pwrd"];
    • The rest is ecrypting or decrypting
    • Run cmd As Administrator , and locate to C:\Windows\Microsoft.NET\Framework\v4.0.30319
    • "Create a public/private RSA key pair with a specfic container name. They should also be marked as exportable (otherwise what is the point!)"
    • aspnet_regiis.exe -pc MyCustomKeys -exp
    • "Grant permissions for accounts to access the container"
    • aspnet_regiis.exe -pa MyCustomKeys "NT AUTHORITY\NETWORK SERVICE"
    • "The following line will now encrypt your section (the pwdr value). The -pef switch is telling the application to look for a web.config file and to use provider that is declared in the beginning (which is using type RsaProtectedConfigurationProvider)"
    • aspnet_regiis.exe -pef "SecuredSettings" "C:\DEV\ConsoleApp\DEX" -prov MyEncryptionProvider
    • Export those Keys to another machine (if needed)
    • aspnet_regiis.exe -px MyCustomKeys keys.xml -pri it will generate keys.xml file in C:\Windows\Microsoft.NET\Framework\v4.0.30319
    • copy this file and put it in another machine where you would like to use it, to the same location C:\Windows\Microsoft.NET\Framework\v4.0.30319, and run:
    • aspnet_regiis -pi MyCustomKeys keys.xml
    • after you can delete the file from both sides.
    • Don't forget to rename Web.config to App.config, if you did so at the beginning.
    • TO Decrypt the file:
    • aspnet_regiis.exe -pdf "SecuredSettings" "C:\DEV\ConsoleApp\DEX"

    0 讨论(0)
 看不清?
提交回复
热议问题