Community discussion forum

Back to discussion

Encrypting Web.config sections in ASP.NET 2.0

Last post was 12 Oct 2006 at 20:52
Tags: United Kingdom
This is a comment thread discussing Encrypting Web.config sections in ASP.NET 2.0
  • 10 years ago

    This thread is for discussions of Encrypting Web.config sections in ASP.NET 2.0.

    Report abuse
  • Advertisement

    Simply the fastest line-level profiler for .NET ever

    “The low overhead means it has minimal impact on the execution of my program”
    Mark Everest, Development Team Leader, Renault F1 Team Ltd.

    Try out the new ANTS Profiler 4 for yourself. Download your 14-day trial now

  • 2 years ago

    I have tried this on 3 of my websites and it works on 2 of them but I cannot figure out why it won't work on the 3rd one.  I did it using the aspnet_regiis command line.  I keep getting an error saying that reads as follows:


    Encrypting Configuration section...
    A configuration file cannot be created for the requested Configuration object.
    Failed!


    I have multiple websites on my webserver. I have one under the wwwroot which I encrypted using an app path in the -app parameter that was simply:


    aspnet_regiis -pe "connectionStrings" -app "/"


    I have another which happens to be subweb. I did it like:


    aspnet_regiis -pe "connectionStrings" -app "/main/subweb"


    This one also worked.


    Then I tried it with one of my other ones which was not a subweb, I'll call it app2


    aspnet_regiis -pe "connectionStrings" -app "/app2"


    Now the way these webs are physically on the disc, the first one is under the inetpub/wwwroot and all of the rest are webs that are under a directory which I've named c:/myWebs.  So the actual physical sites are as follows:


    c:/myWebs/main/subweb


    c:/myWebs/app2


    The documentation that I can find says that the -app refers to the virtual directory so I am wondering if I am putting in the correct parameter for the -app keyword. Actually the name is pretty long - 23 characters, so maybe that could be a problem too.


    Anyway, I was thinking of doing this programatically, but then I wondered how would that actually work? Would I create a special page that only I could access that would have an encrypt and decrypt button? Otherwise, what would prevent a casual hacker from going in and encrypting it? or decrypting it? I think I'm missing part of the equation -- perhaps you can enlighten me...


    Thanks,


    Report abuse
  • 2 years ago

    I noticed you found your own answer - and if anyone else comes here looking for the answer, they can see your solution at:

    http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=218559&SiteID=1

    (which is basically to go to the properties of the folder, select the Web Sharing tab, and select "Share this folder")

    Thanks! :)

    Report abuse

Post a reply

Enter your message below

Sign in or Join us (it's free).

Quick links

Recent activity

Languages

Web Development

Frameworks & Architecture

Other major sections