Encrypt ASP.NET Configuration in Web.config Using aspnet_regiis.exe

 

Prerequisites

* Windows Server 2008 R2
* Run the commands from same directory as web.config:

Note

* No need to decrypt in application code. The encrypted section will be automatically decrypted during runtime.

Examples

Encrypt appSettings section

* Encrypt the whole appSettings section in web.config file.

  1.  
  2. C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -pef appSettings . -prov DataProtectionConfigurationProvider
  3.  

* After encryption:

  1.  
  2. <configuration>
  3. <appSettings configProtectionProvider="DataProtectionConfigurationProvider">
  4. <EncryptedData>
  5. <CipherData>
  6. <CipherValue>...</CipherValue>
  7. </CipherData>
  8. </EncryptedData>
  9. </appSettings>
  10. ..
  11. </configuration>
  12.  

Decrypt appSettings section for Editing

  1.  
  2. C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -pdf appSettings .
  3.  

Encrypt/Decrypt C# Application Config Section

* Same approach can be used to encrypt/decrypt C# application config files.
* Follow the steps:
- Rename application config file to web.config
- Run encrypt/decrypt command
- Rename web.config back to application config file name

References

* ASP.NET IIS Registration Tool (Aspnet_regiis.exe)
* Encrypting and Decrypting Configuration Sections

This entry was posted in IIS and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *


*