Hi, I have created the RSA keypair file and placed it in my root folder and let DASP know. I have read the knowledge base article on encrypting the connection string but I seem to have hit a brick wall. I was not sure what what to substitute here -site "Default Web Site" -app "/WebSite1". Yes I do have IIS installed but when I test my site it just loads as http://localhost:81/ Sorry if this sounds a bit lame. Thus I tried using the following as suggested by http://aspnet.4guysfromrolla.com/articles/021506-1.aspx ... F:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -pef "connectionStrings" "C:\inetpub\wwwroot\CMS" –prov "DataProtectionConfigurationProvider" but it just returned the attached screen shot. My web.config file still looks the same. Thus I am assuming that no encrypted key has been created or do I need to look elsewhere? What am I doing wrong? Will
Have Now Created Encrypted Key in web.config OK went to sleep got up had a Google and found that the issue was that I was putting quotes round connectionStrings. So I should have put ... F:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -pef connectionStrings "C:\inetpub\wwwroot\CMS" -prov "DataProtectionConfigurationProvider" Ran this and it replaced the <connectionStrings> section with a new <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider"> section in the web.config file. Feel I am a little further down the track. But Does Not Work On DASP Live Site Tested site on local IIS server with new encrypted connection string and it works. Uploaded new web.config file to DASP and it does not. I get this error ... Parser Error Message: Failed to decrypt using provider 'DataProtectionConfigurationProvider'. Error message from the provider: Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B) My web.config file looks like this... <configProtectedData defaultProvider="MyRsaProtectedConfigurationProvider"> <providers> <add name="MyRsaProtectedConfigurationProvider" type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="NetFrameworkConfigurationKey_MyDaspControlPanelUsername" useMachineContainer="true" /> </providers> </configProtectedData> <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider"> <EncryptedData> <CipherData> <CipherValue>AQAAANCMnd8BFdERjHoAwE/C......etc</CipherValue> </CipherData> </EncryptedData> </connectionStrings> The website is v3.5 and hosted on IIS8 on DASP. My local IIS is 7.5. Any ideas what the problem is?
I've never done this before, but here are a few observations: You're using a -pef instead of -pe before "connectionstrings", and I don't think you need to change "connectionstrings" since that is the section you want to encrypt in the web.config file. For "Default Web Site", it should be the name of your website. If you don't know what it is locally, open up IIS Manager to see the name. It's under the Sites folder. I believe "/Website1" refers to your application name which should be directly under your website's name. I think this is optional. You omit it if you want to encrypt the web.config file in the root.
Hi, Many thanks I followed your clear advice and did this... F:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -pe "connectionStrings" -site "CMS" -app "/" Where app = the location of the web.config file. Works locally and on DASP. Will
