K. Scott Allen : Encrypting Custom Configuration Sections

Encrypting Custom Configuration Sections

The ASP.NET IIS Registration Tool (Aspnet_regiis.exe) can encrypt and decrypt sections of web.config. There is no special code required in an application, as ASP.NET 2.0 will magically decrypt sections at runtime.

The tool and runtime can also work together to encrypt and decrypt custom configuration sections. So if I have the following in web.config:

<configSections>
   <section 
      name="sampleSection" 
      type="System.Configuration.SingleTagSectionHandler" 
   />
</configSections>

<MySecrets
   FavoriteMusic="Disco" 
   FavoriteLanguage="COBOL" 
   DreamJob="Dancing in the opening ceremonies of the Olympics" 
/>

All I need to do from the command line, is:

aspnet_regiis -pef MySecrets . 

It’s easier than a double pirouette…

posted on Sunday, January 08, 2006 11:54 PM by scott

Comments

Monday, January 09, 2006 9:56 AM by -:[web caboodle]:-

# Encrypting Custom Configuration Sections

Monday, January 09, 2006 6:54 PM by Christopher Steen

# Link Listing - January 9, 2006

A C# Set class based on enums - You don´t want to be without
it when constructing a compiler ;-) [Via:...

Tuesday, January 10, 2006 12:13 AM by Glyn Simpson

# re: Encrypting Custom Configuration Sections

Is this based on some unique machine identifier? Could I encrypt parts of a web.config on one machine and then deploy on another and expect it to work?

If so, that's smart!

Glyn

Tuesday, January 10, 2006 8:54 AM by scott

# re: Encrypting Custom Configuration Sections

Glyn:

Well, no, not that smart.

The example I have in the post will use a machine-specific key.

If you want to encrypt once and share amoung servers you'll need to use custom keys and the RSA provider, more details here: http://msdn2.microsoft.com/en-us/library/68ze1hb2(en-US,VS.80).aspx

Tuesday, January 17, 2006 11:04 PM by 菊池 Blog

# Encrypting Custom Configuration Sections

Encrypting Custom Configuration Sections

Thursday, April 24, 2008 7:14 AM by Stone Coast Web Design's Weblog

K. Scott Allen

Experiments in writing

My Links

Article Categories

Archives

Navigation

Links

Stats

Encrypting Custom Configuration Sections

Comments

# Encrypting Custom Configuration Sections

# Link Listing - January 9, 2006

# re: Encrypting Custom Configuration Sections

# re: Encrypting Custom Configuration Sections

# Encrypting Custom Configuration Sections

# Adding a Custom Key/Value Pair to Web.Config - Encrypting Sections of it