Re: Error encrypting identity element in web.config
- From: "Rob Roberts" <robrRemoveThis@xxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 11 May 2006 14:05:47 -0600
I got this to work by using DPAPI encryption instead of RSA. The command to
use to do the encryption using DPAPI is this:
aspnet_regiis -pef "system.web/identity" "C:\Sites\IntranetSite" -prov
"DataProtectionConfigurationProvider"
See this article for more information:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/paght000005.asp.
An alternative that also should work is to continue to use RSA but to then
grant access to the key container to the user account that ASP.NET is
running under. The command for that should be something like this (although
this is untested):
aspnet_regiis -pa "NetFrameworkConfigurationKey" "TheFullAccountName"
--Rob Roberts
"Rob Roberts" <robrRemoveThis@xxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23PnkKG7cGHA.4312@xxxxxxxxxxxxxxxxxxxxxxx
Using information that I got from this MSDN article:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/paght000023.asp, I
added an identity impersonate element to my web.config file that looks
like this:
<identity impersonate="true" username="MyDomain\TestUser"
password="TestPassword" />
This works fine for allowing a SqlMembershipProvider to access to a remote
SQL server, which is why I did this in the first place. But I'm running
into problems when I try to encrypt the identity element. I've used this
command, as specified in the above article:
aspnet_regiis -pef "system.web/identity" "C:\Sites\IntranetSite"
The command prompt says ""Encrypting configuration section...", and then
"Succeeded!" When I look at web.config in VS2005, the element has been
encrypted, but the IDE shows a few warnings in the "Error List" section.
The are:
Warning 1 The 'configProtectionProvider' attribute is not declared.
c:\inetpub\wwwroot\web.config 16 17 http://localhost/
Warning 2 The element cannot contain white space. Content model is empty.
c:\inetpub\wwwroot\web.config 16 78 http://localhost/
Warning 3 The element 'identity' cannot contain child element
'http://www.w3.org/2001/04/xmlenc#:EncryptedData' because the parent
element's content model is empty. c:\inetpub\wwwroot\web.config 17 10
http://localhost/
When I try to access a page in the site, I get a Configuration Error with
this error message:
"Failed to decrypt using provider 'RsaProtectedConfigurationProvider'.
Error message from the provider: The RSA key container could not be
opened."
Does anyone know what the problem is here? (By the way, this is on my
Windows XP development machine, not a real web server. I'm using .NET
2.0.)
Thanks in advance,
--Rob Roberts
.
- References:
- Error encrypting identity element in web.config
- From: Rob Roberts
- Error encrypting identity element in web.config
- Prev by Date: ActiveDirectoryMembershipProvider with an OpenDirectory instead-of AD?
- Next by Date: RE: DPAPI (Machine Store) Access Denied Problem.
- Previous by thread: Error encrypting identity element in web.config
- Next by thread: Windows authentication and SqlRoleProvider
- Index(es):
Relevant Pages
|
