| Encryption/decryption problem. |
| Byron King posted at Thursday, November 08, 2007 2:21 PM |
Hi. I have an ASP.NET app that is built and deployed using MsBuild
and a web deployment project. A requirement for the project is to
encrypt the connection string on the production server. The connection
string is not in web.config, but in a file called
ConnectionStrings.config (catchy, eh?). On the build server, I created a key with a command similar to the following:
[CODE]
aspnet_regiis -pc "KeyName" -exp -csp "Microsoft Strong Cryptographic Provider"
[/CODE] I export the key to an XML file with this command: [CODE]
aspnet_regiis -px "KeyName" "c:\KeyName.xml"
[/CODE] I copy the XML file to the production server and then import it with the following command: [CODE]
aspnet_regiis -pi "KeyName" "c:\KeyName.xml"
[/CODE] Back on the build server, I encrypt the connection strings with the following command: [CODE]
aspnet_regiis -pef "connectionStrings" "c:\inetpub\wwwroot" -prov "ProviderName"
[/CODE]
When
a deployment occurs, the ConnectionStrings.config file gets copied to
the production server with all the other app code. After the
deployment is complete, any attempts to run the app or to manually
decrypt the connection strings are met with an error message: Parser Error Message: Failed to decrypt using provider 'ProviderName'.
Error message from the provider: Bad Data. I don't know what I'm missing, but I hope someone can help me. Thanks! |
 |
|
|
| |
| export |
| mark macumber replied to Byron King at Thursday, November 08, 2007 5:07 PM |
When you export the XML using the -px command, try using the -pri argument as well
i..e.
aspnet_regiis -px "KeyName" "c:\KeyName.xml" -pri
|
|
| |
| Thanks |
| Byron King replied to mark macumber at Thursday, November 08, 2007 5:12 PM |
Mark,
Thanks for the reply. The "-pri" should've been there. As it turns out, I was using a similarly named, but incorrect KeyName.xml file for import.
Cheers,
Byron
|
|
| |
|
|