Encrypting and Decrypting Configuration Sections- Encrypt app.config and run on another machines.

Right now,  we are facing one issues related to .net problem. Hence I  thought to give a try with all of you .

 

If you know the problem or  solved similar one earlier, please help us and we are happy to provide charge code for your time. This is  pure .NET  technical  problem and no functional knowledge required.

 

Problem: Encrypt the app.config of .net  application and decrypt at run time on another machine.

 

So for,  I’m able to encrypt app.config  using aspnet_regiis.exe tool  based on the example given blow.

 

http://social.msdn.microsoft.com/Forums/en/winforms/thread/3b5a1d1f-aa57-40d8-8607-fee0b2a8a6db

 

 

It is successful if I encrypt the file and run the .exe on the same machine, the .exe is able to decrypt the file  successfully.  But when I deploy  the encrypted file on to another machine the psytekk.exe is simply closing and crashing. Then I realized to use keys and import on target machines.

 

This import and export  stuff is not working properly for me i.e. the encryption is not happening with “custom providers” before I export the key. Hence helplessL

 

Could you help me with this problem? Let me know if you need any  further details from my side.

 

Thanks in advance.   

SOLUTION 1:

 

Please go through the below link.

 

http://msdn.microsoft.com/en-us/library/ff647398.aspx

 

 SOLUTION 2:

 

Building an ASP.NET website is becoming easier with each new release of the .NET framework, but as the learning curve flattens and more and more developers create forward-facing sites, security concerns need to be considered. One of the easiest new methods of ensuring that confidential information remains secure is to encrypt sensitive sections of your web.config file.

·                     We can use the ASP.NET IIS Registration Tool (Aspnet_regiis.exe) to encrypt or decrypt sections of a Web configuration file. ASP.NET will automatically decrypt encrypted configuration elements when the Web.config file is processed.

·                     Encrypt Configuration Section:

o        Open up your Visual Studio 2005 command promt tool, and run the following command:

aspnet_regiis -pe "connectionStrings" –app "/testDomain" -prov "DataProtectionConfigurationProvider"

Here is the reference for the above command:

-pe : the encryption argument to aspnet_regiis utility

connectionStrings: Specifies the subsection of the web.config to encrypt

-app/testDomain: The encryption should occur at this virtual path

-prov "DataProtectionConfigurationProvider": determines the type of encryption to perform. Use DataProtectionConfigurationProvider to apply encryption via the Windows DPAPI. I find this is easier to use for basic encryption. This method will generate the decryption key and place it in the Local Security Authority.

·                     Decrypt Configuration Section:

o        To decrypt encrypted configuration file contents, you use the Aspnet_regiis.exe tool with the -pd switch and the name of the configuration element to be decrypted. You do not need to specify the –prov switch to identify the name of the ProtectedConfigurationProvider, because that information is read from the configProtectionProvider attribute of the protected configuration section.aspnet_regiis -pd "connectionStrings" -app "/testDomain" 

aspnet_regiis -pd "connectionStrings" –app "/testDomain"

·                     The default encryption type is "RSAProtectedConfigurationProvider" uses the .NET Framework’s RSACryptoServiceProvider class’ public key algorithm.

·                     Once you’ve encrypted your web.config sections, you’re set. The beauty of this is that you as a developer need not do anything to your code to decrypt this information. Any component that requires access to an encrypted section will automagically decrypt this information.