Failed to decrypt using provider 'RsaProtectedConfigurationProvider'?

Question

In my windows application i am trying to encrypt connection string section of app.config file, connection string part of my app.config file is

<connectionStrings>
<add name="SQLiteDB" connectionString="Data Source=|DataDirectory|database.s3db;    
Version=3;password=mypassword;" providerName="System.Data.Sqlite"/>
</connectionStrings>

and in .cs file i am encrypting it like

Configuration config = ConfigurationManager.OpenExeConfiguration(Application.ExecutablePath);
ConfigurationSection section = config.GetSection("connectionStrings") as ConnectionStringsSection; // could be any section

if (!section.IsReadOnly())
{
 section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");
 section.SectionInformation.ForceSave = true;
 config.Save(ConfigurationSaveMode.Full);
}

after running this code i get encrypted connection string in a different app.config, this app.config resides in bin\debug folder and the name of this .config file is nameofapplication.exe.config.

The problem is when i made setup of this application and run on other machine if gives error that:

System.Configuration.ConfigurationErrorsException: Failed to decrypt using provider 'RsaProtectedConfigurationProvider'. Error message from the provider: The RSA key container could not be opened.

I am doing it first time so don't know how to solve this, stucked badly in it.

Answer 1

Using this command aspnet_regiis -pa

Open cmd Console -execute as Administrator-

C:\Windows\system32>aspnet_regiis -pa "NetFrameworkConfigurationKey" "myDomain\myUser"
Microsoft (R) ASP.NET RegIIS versión 4.0.30319.33440
Utilidad de administración que instala y desinstala ASP.NET en el equipo local.
Copyright (C) Microsoft Corporation. Todos los derechos reservados.
Agregando ACL para el acceso al contenedor de claves RSA...
Con éxito

More references:

Ɖiamond ǤeezeƦ answer

The RsaProtectedConfigurationProvider sometimes fails when encrypting an application configuration file

ASP.NET Encryption - aspnet_regiis - Farm

Encrypting and Decrypting Web.config Sections in .NET 4.0

Answer 2

The app.config file will have been encrypted using a certificate on your local machine. This certificate will not be present on the other machine. You will therefore not be able to decrypt the app.config file.

For this to work, you need to export the encryption key on your machine, then import it on the other machine. The following article demonstrates how to do that: Walkthrough: Creating and Exporting an RSA Key Container