Encrypting AppSettings in file external to Web.Config

asp.netweb.config

I currently use this method to encrypt the AppSettings section of my application's web.config file: aspnet_regiis.exe -pe "appSettings" -site "MySite" -app "/"

But now I have moved some settings out to another file using the element

<appSettings file="IndividualAppSettings.config" >

I can still encrypt the app setting in the web.config, but is there any way to encrypt the content of the additional IndividualAppSettings.config file?

Best Answer

We do this all the time as we use external files for each of our environments.

First your appSettings element needs to look like this:

<appSettings configSource="IndividualAppSettings.config" />

Next, we call the encryption from the cmdline using:

aspnet_regiis -pe "appSettings" -prov "{0}" -site {1} -app "/"

where:

{0} is the name of your encryption provider specified in the web.config.
{1} is the Id of your site in IIS

Related Solutions

R – Problem encrypting membership element in web.config

The configuration section is identified by "system.web/membership", not "membership" nor "system.web.membership".

How to modify the web.config appSettings at runtime

You need to use WebConfigurationManager.OpenWebConfiguration(): For Example:

Dim myConfiguration As Configuration = System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration("~")
myConfiguration.ConnectionStrings.ConnectionStrings("myDatabaseName").ConnectionString = txtConnectionString.Text
myConfiguration.AppSettings.Settings.Item("myKey").Value = txtmyKey.Text
myConfiguration.Save()

I think you might also need to set AllowLocation in machine.config. This is a boolean value that indicates whether individual pages can be configured using the element. If the "allowLocation" is false, it cannot be configured in individual elements.

Finally, it makes a difference if you run your application in IIS and run your test sample from Visual Studio. The ASP.NET process identity is the IIS account, ASPNET or NETWORK SERVICES (depending on IIS version).

Might need to grant ASPNET or NETWORK SERVICES Modify access on the folder where web.config resides.

Best Answer

Related Solutions

R – Problem encrypting membership element in web.config

How to modify the web.config appSettings at runtime

Related Topic