Below web.config is used in MVC Web Application. I need to encrypt appSettings.config and connections.config which is external to web.config using configSource.
<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<appSettings configSource="appSettings.config"/>
<connectionStrings configSource="connections.config"/>
<system.web>
<compilation debug="true" />
<authentication mode="Windows"/>
<identity impersonate="true"/>
What I have tried:
I tried to encrypt using RsaProtectedConfigurationProvider with aspnet_regiis. But it is not working as expected in simple Web.config where appSettings and connectionStrings present at the same file.
I am using below command to encrypt web.config
C:\Windows\Microsoft.NET\Framework\v4.0.30319>aspnet_regiis -pef "connectionStrings" "D:\WebApplication" -prov "AppEncryptionProvider". C:\Windows\Microsoft.NET\Framework\v4.0.30319>aspnet_regiis -pef "appSettings" "D:\WebApplication" -prov "AppEncryptionProvider
but while using this in a web application it gives me the error as below: Failed to decrypt using provider 'AppEncryptionProvider'. Error message from the provider: The system cannot find the file specified. (Exception from HRESULT: 0x80070002)
Line 1: <appSettings configProtectionProvider="AppEncryptionProvider">
Line 2: <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
Line 3: xmlns="http://www.w3.org/2001/04/xmlenc#">
Line 4: <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />