To ensure that your newly created RSA key container can be exported, you must include the -exp option.įor example, the following command creates an RSA key container named SampleKeys that is a machine-level key container and is exportable. You must give the key container a name, which identifies the key container used by the RsaProtectedConfigurationProvider specified in the configProtectedData section of your application's Web.config file. To create an RSA key container, you use the ASP.NET IIS registration tool (Aspnet_regiis.exe) with the –pc switch. By creating an RSA key container for each application or for each set of applications for a single customer, you can improve the security of an application's sensitive configuration information by ensuring that the Web.config file for one application cannot be decrypted using the RSA key container from another application. To accomplish this, you would create an RSA key container for the application, export it to an XML file, and import it on each server that needs to decrypt the encrypted Web.config file.Ĭreating RSA key containers can also be useful on a single Web server that hosts multiple ASP.NET applications. In that case, the same RSA key container must also be deployed to those servers. One scenario where this is useful is in a Web farm where the same encrypted Web.config file will be deployed to several servers. Protected configuration provides the capability to create, delete, export, and import RSA key containers when using the RsaProtectedConfigurationProvider.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |