Hi, Could you please help me? I've created a console .Net application and encrypted the app.config file with RSAProtectedConfigurationProvider. I've used an article http://www.codeproject.com/KB/dotnet/EncryptingTheAppConfig.aspx as an example for the Encryption. It works fine in an IDE on my XP desktop. Then I deployed my application to a Windows 2003 server. The package included the app's executable along with the encrypted app.exe.config file. However, the application failed on the server with the following exception: Unhandled Exception: System.Configuration.ConfigurationErrorsException: Failed to decrypt using provider 'RsaProtectedConfigurationProvider'. Error message from the provider: The RSA key container could not be opened. I decided to encrypt app.config on the server so I copied app.config and encrypted it. The app.exe.config looked encrypted and I ran the application. However, it failed: although it didn't raise an Rsa exception as before, it couldn't read a connection string. After I decrypted app.exe.config, I found that it contained only the below string although the original app.config had contained an application-specific connection string. I think that in order to resolve my issue I should export the RSA keys from my desktop to the server. Can you advise how can I do it (it's not a Web application!). Many thanks for your advice.
This is my auto-reply. I've found a solution in the article "APP.config encryption with RSA and Deployment" http://www.windows-tech.info/3/eeb72660842f865b.php. It is suggested to use custom keys. They are created, exported and imported with the aspnet_regiis utility. Here are my notes: 1. It works fine if IIS is installed on the development desktop and the target server. But for my Console application IIS is not needed, and it may not exist on the server. The author of the article provides a workaround in this case. I've found it a little complicated and used aspnet_regiis because IIS is installed both on my source and target machines. 2. After adding the configProtectedData section to my app.config file, Visual Studio created warnings: The 'keyContainerName' attribute is not declared. The 'useMachineContainer' attribute is not declared. The 'description' attribute is not declared. As per the article “Visual Studio throws warnings when sections of Web.Config are encrypted using RSA. by Darth Zar” http://connect.microsoft.com/VisualStudio/feedback/ViewFeedback.aspx?FeedbackID=109161, the warnings can be ignored for Web.config. I've ignored them in my case (for app.config), and everything worked fine. I hope my post has been useful.