views:

489

answers:

2

I encrypted the AppSettings part of my web.config, tested it on my machine and it worked, but when I uploaded to use it online it gave me an error:

Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.

Parser Error Message: Failed to decrypt using provider 'DataProtectionConfigurationProvider'. Error message from the provider: Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B)

Line 24: <appSettings configProtectionProvider="DataProtectionConfigurationProvider">
Line 25:  <EncryptedData>

I used the following sub to encrypt:

Private Sub ProtectSection(ByVal sectionName As String, ByVal provider As String)
        Dim config As Configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath)

        Dim section As ConfigurationSection = config.GetSection(sectionName)

        If section IsNot Nothing AndAlso Not section.SectionInformation.IsProtected Then
            section.SectionInformation.ProtectSection(provider)
            config.Save()
        End If
    End Sub
A: 

You need to publish with the section decrypted. The key that is used to encrypt/decrypt is machine specific.

To encrypt the config sections online call the ProtectSection() method in Application_Start() of global.asax.

Jeremy
You mean I need to Encrypt it online?
Maen
yes, the ProtectSection() method you are using will do this the first time the application gets hit.
Jeremy
Did it, problem solved...thanks a lot...
Maen
A: 

You need to set the MachineKey

.net encryption uses the MachineKey as the seed for Encryption / Decryption

http://msdn.microsoft.com/en-us/library/w8h3skw9.aspx

You need to generate a key and use it on both machines. You can't just use Autogenerate it either.

Easier to just upload unencrypted and encrypt manually on the server if you can, otherwise you need the exact same MachineKey

Chad Grant