Re: rsa encrtyption
- From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 6 May 2008 05:55:47 +0000 (UTC)
have you tried to do aspnet_regiis -pa to grant access to the key?
-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
I created a key for encrypting my web.config
aspnet_regiis -pz WebEncryptionKeys aspnet_regiis -pc
WebEncryptionKeys -exp
exported them
aspnet_regiis -px WebEncryptionKeys c:\WebEncryptionKeys_Public.xml
-pri
imported them to developers and server machines
aspnet_regiis -pi "WebEncryptionKeys" "c:\WebEncryptionKeys_Public.xml
"
Then in MsBuild I run
<Target Name="AfterBuild">
<Exec WorkingDirectory="$(OutputPath)"
Command="$(Registry:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSBuild\Tool
sVersions\2.0@MSBuildToolsPath)aspnet_regiis.exe
-pef connectionStrings $(OutputPath) -prov HrCustomProvider" />
This works fine from my machine, the web.config gets encrypted and
moved to
the server.
However, if a co-worker runs the same msBuild on her machine, we get a
bad
data error when the website is hit on the server. If I deploy to the
server,
she can logon to the server and encrypt and decrpyt the web.config.
I re-imported the encryption keys to her machine with the same
results.
The only thing I can think of is that her machine is using a different
version of the encrtyption algorithims?
So I had her run windows update on her machine, couple things got
updated sql server mostly.
I logged on to her machine, deployment worked.
She logged on to her machine, deployment worked.
The keys were created months ago. Any idea what happened?
.
- References:
- rsa encrtyption
- From: Chuck P
- rsa encrtyption
- Prev by Date: rsa encrtyption
- Next by Date: RE: rsa encrtyption
- Previous by thread: rsa encrtyption
- Next by thread: RE: rsa encrtyption
- Index(es):
Relevant Pages
|
