Connectionstring error after encypted using aspnet_regiis.exe

Question

I've encrypted the connectionstring in my web.config file using the steps in the link below: http://www.codeproject.com/KB/database/WebFarmConnStringsNet20.aspx

However, whenever I call my application, it will give the following error:

Failed to decrypt using provider 'CustomProvider'. Error message from the provider: The RSA key container could not be opened.

The server where I perform the encryption is a 64-bit Windows Server 2003 R2 SP2. Because of that I assign the ACL to "NT Authority\Network Service". Yet it still doesn't work.

Hope someone has some ideas what else do I need to check to get this working.

PS. If I used the default rsa key "NetFrameworkConfigurationKey" for encryption, then the connectionstring will not have an access problem.

Answer 1

Did you remember to add the

<configProtectedData>

to your web.config?

Answer 2

Well, I found the source of the problem, and boy was it embarrassing. In the attribute keyContainerName, I spelled the name incorrectly.

That it. That's what caused the problem.

Apparently, the encryption will work even if you provide an incorrect keyContainerName, which I incorrectly assumed will fail. So, once I decrypt the connectionstring and re-encrypt with the right keyContainerName, it works fine.

BTW, make sure to decrypt your existing connectionstring before correcting the keyContainerName. The aspnet_regiis.exe will complain about bad data, because the provider is now different.