I have tried this on 3 of my websites and it works on 2 of them but I cannot figure out why it won't work on the 3rd one. I did it using the aspnet_regiis command line. I keep getting an error saying that reads as follows:
Encrypting Configuration section...
A configuration file cannot be created for the requested Configuration object.
Failed!
I have multiple websites on my webserver. I have one under the wwwroot which I encrypted using an app path in the -app parameter that was simply:
aspnet_regiis -pe "connectionStrings" -app "/"
I have another which happens to be subweb. I did it like:
aspnet_regiis -pe "connectionStrings" -app "/main/subweb"
This one also worked.
Then I tried it with one of my other ones which was not a subweb, I'll call it app2
aspnet_regiis -pe "connectionStrings" -app "/app2"
Now the way these webs are physically on the disc, the first one is under the inetpub/wwwroot and all of the rest are webs that are under a directory which I've named c:/myWebs. So the actual physical sites are as follows:
c:/myWebs/main/subweb
c:/myWebs/app2
The documentation that I can find says that the -app refers to the virtual directory so I am wondering if I am putting in the correct parameter for the -app keyword. Actually the name is pretty long - 23 characters, so maybe that could be a problem too.
Anyway, I was thinking of doing this programatically, but then I wondered how would that actually work? Would I create a special page that only I could access that would have an encrypt and decrypt button? Otherwise, what would prevent a casual hacker from going in and encrypting it? or decrypting it? I think I'm missing part of the equation -- perhaps you can enlighten me...
Thanks,