tags:

views:

1869

answers:

5
+8  Q: 

Web.Config encryption using RsaProtectedConfigurationProvider - "Bad Data" error

I am attempting to encrypt connection string values in the Web.Config file for an ASP.NET 2.0 web application, following the procedure described on MSDN. Using the RsaProtectedConfigurationProvider, I created and exported a machine-level key on my development machine (using the -pri flag), and imported the key and granted access on the web server. Prior to testing automatic decryption by ASP.NET, I wanted to try manually decrypting the Web.Config.

I am able to manually encrypt and decrypt the Web.Config on the same machine using the -pef and -pdf parameters respectively, but manually decrypting on the web server fails with a "Bad Data" error message.

The oddest thing is that the keyContainerName attribute in my Web.Config file seems to be ignored. If I try replacing the correct value with gibberish (no longer corresponding to any key container I have created) the encryption and decryption still work on my development machine. Any ideas?

A: 

Hi,

Actually you can use EL from Microsoft just to encrypt your connection string. You can download it here: http://www.codeplex.com/entlib

hth

KG Sosa  2009-12-28 08:44:20
A: 

The RsaProtectedConfigurationProvider uses the machine account or the user account to encrypt the keys and save them in a file which called "key container", which usually saved in C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA. And the ASP.NET worker process identity (ASPNET user in XP/2000 or Network Service in case of 2003) should have access to these files to be able to decrypt it or you would get this error message.

Please check this link for more information

http://msdn.microsoft.com/en-us/library/dtkwfdky.aspx

Sanju  2010-01-30 09:37:27
+1  A: 
Sanju  2010-01-30 09:43:24
A: 

Be careful that the name of the element to encrypt is case sensitive. So you should use "connectionStrings" not "connectionstrings" or "ConnectionStrings".

mahdi  2010-02-01 09:37:08
A: 

Encrpyting is very case sensitive as mahdi said. I have used in my pc and taken it to the sever I had a problem the problem was from the RSA machine key containers that are stored in my PC folder OR directory. and If you want to know where the correction may be started before making any change, Just start from

\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys.

For info, kindly reffer to this link which might be a helpful....

http://msdn.microsoft.com/en-us/library/ms998283.aspx

Ahmed Yassin  2010-02-02 17:41:53

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps