locked
Encrypting sections of the Web.Config file RRS feed

  • Question

  • User-900017823 posted

    I need to encrypt some sections of the Web.Config file for an older ASP.NET app I'm helping with. Besides the connectionStrings section, there's some other sections that have sensitive information in them. I'm hoping that they too can be encrypted. I've searched for how to do this, but only came across references for .NET 2. This is a .NET 4 ASP.NET Web Forms app. How do I encrypt sections in the Web.Config file for a .NET 4 ASP.NET app?

    Monday, April 9, 2018 8:47 PM

Answers

  • User-1457009535 posted

    I presume you passed below arguments.

    aspnet_regiis -pe "system.net/mailSettings" -app "/SampleApplication"

    If your application is not under "Default Web Site", then try below. Please note: -site is default to "1" which is an identifier for "Default Web Site". You can right click on your website and get the Identifier # from the advance settings. 

    aspnet_regiis -pe "connectionStrings" -app "/" -site "123"
    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, May 11, 2018 4:04 PM

All replies

  • User475983607 posted

    I've searched for how to do this, but only came across references for .NET 2. This is a .NET 4 ASP.NET Web Forms app. How do I encrypt sections in the Web.Config file for a .NET 4 ASP.NET app?

    Both versions .NET 2.0 and 4 have the regiis.exe utility.

    https://msdn.microsoft.com/en-us/library/dtkwfdky(v=vs.100).aspx

    Are you having trouble located the framework folder? Maybe you have a 64 bit system?

    C:\Windows\Microsoft.NET\Framework64\v4.0.30319

    Monday, April 9, 2018 9:08 PM
  • User-900017823 posted

    One of the sites I found in answer to my search was this one here:

    https://msdn.microsoft.com/en-us/library/dx0f3cf2(v=vs.85).aspx

    This is for .NET 2, but I thought I'd try it on the test website I'm trying to get this fixed. I ran the command, but it gave me this error:

    A configuration file cannot be created for the requested Configuration object.
    Failed!

    Don't know why this would fail. Is it because I'm using .NET 4?

    Monday, April 9, 2018 9:20 PM
  • User-900017823 posted

    I've found that aspnet_regiis command run from the command line, works. I've successfully encrypted the connectionStrings section.

    But there are other sections I also need to encrypt. There's a mailSettings section with a username and password for some account, presumably for sending emails for whatever reason. And then there's a third section, the authentication section, which has a username and password, which I think would also be good to encrypt. But when I try to encrypt the mailSettings section I get the following error message:

    The configuration section 'mailSettings' was not found.
    Failed!

    Why didn't it work?

    Tuesday, April 10, 2018 2:42 PM
  • User475983607 posted

    Why didn't it work?

    I can only guess the pe switch is incorrect as you did not post the command line arguments.

    system.net/mailSettings/smtp

    Tuesday, April 10, 2018 3:08 PM
  • User-900017823 posted

    For the pe switch I used:

    -pe "mailSettings"

    Do I have to do some sort of subbing? i.e.: would this have worked:

    -pe "system.net/mailSettings"

    Tuesday, April 10, 2018 4:02 PM
  • User-1457009535 posted

    I presume you passed below arguments.

    aspnet_regiis -pe "system.net/mailSettings" -app "/SampleApplication"

    If your application is not under "Default Web Site", then try below. Please note: -site is default to "1" which is an identifier for "Default Web Site". You can right click on your website and get the Identifier # from the advance settings. 

    aspnet_regiis -pe "connectionStrings" -app "/" -site "123"
    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, May 11, 2018 4:04 PM