DotNetNewsgroup.com  
web access to complete list of Microsoft.NET newsgroups
   home   |   control panel login   |   archive  |  
 
  carried group
academic
adonet
aspnet
aspnet.announcements
aspnet.buildingcontrols
aspnet.caching
aspnet.datagridcontrol
aspnet.mobile
aspnet.security
aspnet.webcontrols
aspnet.webservices
assignment_manager
datatools
dotnet.distributed_apps
dotnet.general
dotnet.myservices
dotnet.nternationalization
dotnet.scripting
dotnet.security
dotnet.vjsharp
dotnet.vsa
dotnet.xml
dotnetfaqs
framework
framework.clr
framework.compactframework
framework.component_services
framework.controls
framework.databinding
framework.drawing
framework.enhancements
framework.interop
framework.odbcnet
framework.performance
framework.remoting
framework.sdk
framework.setup
framework.webservices
framework.windowsforms
framework.wmi
frwk.windowsforms.designtime
lang.csharp
lang.jscript
lang.vb
lang.vb.controls
lang.vb.data
lang.vb.upgrade
lang.vc
lang.vc.libraries
  
 
start date: Thu, 16 Aug 2007 18:04:31 -0700,    posted on: microsoft.public.dotnet.framework.aspnet.security        back       

Thread Index
  1    Diane Droubay


Export / Import key problem    
I have encrypted the identity section of my web.config file, using the RSA 
provider. The built-in encrypt/decrypt works just fine. The problem is, when 
I move the app to another machine.

My web.config provider entry looks like this.

	<configProtectedData>
		<providers>
			<add name="MyProvider" 
type="System.Configuration.RsaProtectedConfigurationProvider, 
System.Configuration, Version=2.0.0.0, Culture=neutral, 
PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" 
keyContainerName="MyKey" useMachineContainer="false"/>
		</providers>
	</configProtectedData>

I moved the app, exported the key using the Certificate snap-in in mmc, then 
imported it into the other machine and used aspnet_regiis to grant 
permissions to the ASPNET user. When I try to run my app on this box, I get 
the following error:

Configuration Error 
Description: An error occurred during the processing of a configuration file 
required to service this request. Please review the specific error details 
below and modify your configuration file appropriately. 

Parser Error Message: Failed to decrypt using provider 
'RsaProtectedConfigurationProvider'. Error message from the provider: The RSA 
key container could not be opened.

Source Error: 


Line 68: 		<authentication mode="Windows"/>
Line 69:     <identity 
configProtectionProvider="RsaProtectedConfigurationProvider">
Line 70:       <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
Line 71:          xmlns="http://www.w3.org/2001/04/xmlenc#">
Line 72:         <EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />


If I delete the encrypted section in the web.config file on the new box, 
then re-encrypt from there, it works fine again, but is not portable to my 
other machine. This makes me think that the export/import is not working 
correctly.

Any ideas?

Thanks.
Date:Thu, 16 Aug 2007 18:04:31 -0700   Author:  

Google
 
Web dotnetnewsgroup.com


COPYRIGHT ?2005, EUROFRONT WORLDWIDE LTD., ALL RIGHT RESERVE  |   Contact us