I encrypt the web.config file for my asp.net application using this command :
aspnet_regiis.exe -pef "connectionStrings" "C:\Inetpub\wwwroot\application1" -prov "DataProtectionConfigurationProvider"
aspnet_regiis.exe -pef "appSettings" "C:\Inetpub\wwwroot\application1" -prov "DataProtectionConfigurationProvider"
And we got the web.config ecnrypted perfectly.
Regarding the encrypted web.config, what should I do if we want to migrate to other server, what is the correct step :
- simply copy the encrypted web.config into new server
or
- copy the plain web.config then rerun those 2 commands on the new server?
the issue the we are facing : In our client, we are not allowed to execute those 2 command on the new server.
Kindly advise. thanks
By default the server will autogenerate its own machine key which makes them unique and .NET uses it to encrypt the web.config sections.
To use encrypted sections across servers, you would need to include a generated machine key in your web.config. This is what administrators using in clusters or webfarms.
See WebFarm Deployment considerations.
http://msdn.microsoft.com/en-us/library/ff649308.aspx
You can also generate a unique key here using this webtool.
http://aspnetresources.com/tools/machineKey
In my opinion, I would simply add the machinekey validation and decryption keys to allow .net to decode your encrypted sections on the fly.
Cheers,
Hades666