Is it possible to encrypt a config file specified as a configSource from web.config?
Question
I have a custom section in my web.config I need to encrypt. This custom config section uses the configSource attribute to point at a separate config file (as this file is not to be source controlled) and I'd like for this separate config file to be encrypted. I'm not having any luck using aspnet_regiis.exe to encrypt this section.
Is what I'm trying to achieve possible?
My web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="protectedAppSettings" type="System.Configuration.NameValueSectionHandler, System,Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</configSections>
<protectedAppSettings configSource="config\EnvironmentConfigurations\ProtectedAppSettings.config" />
</configuration>
My custom configuration file:
<?xml version="1.0" encoding="utf-8"?>
<protectedAppSettings>
<add key="XXX" value="xxx"/>
</protectedAppSettings>
I've added aspnet_regiis to my path so I can call it from the root directory of my site. This is the command I'm executing:
aspnet_regiis -pef protectedAppSettings ""
The output I get from this command tells me that encrypting was successful
I've found this link that says that it should just work but it doesn't for me..
1 answers
solution1
6 ACCPTED 2016-11-18 11:14:36
This was because of the type I was using to define my config section. Although there are no docs to prove it, it appears that the NameValueSectionHandler type does not encrypt when used for a config source. The solution was to change the type to System.Configuration.AppSettingsSection and the encryption works correctly
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.