Change Microsoft Config File Encryption Method From TripleDES

Question

When encrypting (\"protecting\") Microsoft config sections, you get something that looks like the XML below. It follows (at least partially) the W3 spec for XML Encryption.

Answer 1

I've just checked RsaProtectedConfigurationProvider with the Reflector and as I found out there is nothing you can do to change tripledes-cbc to anything else.

So you have to write your own ProtectedConfigurationProvider if you want to use AES encryption. You may want to use the Reflector to give you a good start.

Answer 2

You probably want to build a custom ProtectedConfigurationProvider. See Implementing a Protected Configuration Provider and How to: Build and Run the Protected Configuration Provider Example.