Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Encrypting custom sections of a web.config

I used the article Creating a Flexible Configuration Section Handler to create a Flexible Configuration Section Handler in my application.

I also saw this article entitled Encrypting Custom Configuration Sections on the OdeToCode blog, on how to encrypt portions of a web.config file.

From the first article, we have this web.config code.

<?xmlversion="1.0"encoding="utf-8"?>
<configuration>
    <configSections>
        <sectionname="StyleSheetSettings_1"    
            type="FifteenSeconds.Core.BasicConfigurator"/>
    </configSections>
    <StyleSheetSettings_1>
        <StyleSheets>
            <Style SheetName="Page"Href="Styles/Page.css"Media="screen"/>
            <StyleSheetName="Custom"Href="Styles/Custom.css"Media="screen"/>
            <StyleSheetName="Print"Href="/Lib/Styles/Print.css"Media="print"/>
        </StyleSheets>      
    </StyleSheetSettings_1>
 </configuration>

I tried to use the following code to encrypt the code using something like the following command line code.

 aspnet_regiis.exe -pef  "StyleSheetSettings_1" C:\Test\

I am getting the following error

Could not load type FifteenSeconds.Core.BasicConfigurator' from assembly 'System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'.

Any help would be appreciated.

like image 671
Brad Sandefur Avatar asked Aug 17 '10 16:08

Brad Sandefur


People also ask

How do I encrypt a section of web config?

You can use the ASP.NET IIS Registration Tool (Aspnet_regiis.exe) to encrypt or decrypt sections of a Web configuration file. ASP.NET will automatically decrypt encrypted configuration elements when the Web. config file is processed.

What is protected configuration?

You can use protected configuration to encrypt sensitive information, including user names and passwords, database connection strings, and encryption keys, in a Web application configuration file such as the Web. config file.

What is Aspnet_regiis?

The ASP.NET IIS Registration Tool (Aspnet_regiis.exe) allows an administrator or installation program to easily update the script maps for an ASP.NET application to point to the ASP.NET ISAPI version that is associated with the tool. The tool can also be used to display the status of all installed versions of ASP.


1 Answers

Here's another workaround for this issue (found at http://www.dotnetnoob.com/2013/01/how-to-encrypt-custom-configuration.html). Comment out the section element for the custom section under the configSections element (/configuration/configSections) before running the aspnet_regiis command and the custom section should get encrypted.

<configSections>
    <!--<section name="myCustomSection" type="My.Product.CustomSection, My.Product.Assembly/>-->
</configSections>


c:\Windows\Microsoft.NET\Framework\v4.0.30319>aspnet_regiis -pef myCustomSection C:\path\to\app
Microsoft (R) ASP.NET RegIIS version 4.0.30319.17929
Administration utility to install and uninstall ASP.NET on the local machine.
Copyright (C) Microsoft Corporation.  All rights reserved.
Encrypting configuration section...
Succeeded!
like image 53
dnickels Avatar answered Sep 23 '22 15:09

dnickels