Click here to Skip to main content
12,067,351 members (57,169 online)
Rate this:
 
Please Sign up or sign in to vote.
I want to know if it is possible to decrypt "DataProtectionConfigurationProvider" which is responsible in encrypting the connectionString in the web.config file. I am not the one who developed the system that is why I need to know the decrypted value. I have been searching for solutions or workarounds in google. So far, I have tried this in the Visual Studio Command Prompt:

aspnet_regiis.exe -pef "connectionStrings" "my web.config file path"

Unfortunately, I am getting this error:

Failde to decrypt using provider 'DataProtectionConfigurationProvider'. Error messafe from the provider: Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B)... and so on.

I am decrypting it in a different computer.

Please help!

Thanks CodeProject peeps!
Posted 4-Oct-12 2:31am
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 1

I recommend you to look at www.asp.net/videos. They have many videos that can help you out. I recently watched a video on how to encrypt and decrypt configuration data such as connection string, etc...
  Permalink  
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 2

I believe it should be '-pd' instead of '-pef' for decrypting.

Refer:
MSDN: How To: Encrypt Configuration Sections in ASP.NET 2.0 Using DPAPI[^]
MSDN: How to: Decrypt a web.config File[^]


UPDATE:
Refer: Encrypting Configuration Information in ASP.NET 2.0 Applications[^]

-- Generic form for decrypting the Web.config file for a particular website...
aspnet_regiis.exe -pdf section physical_directory
-- or --
aspnet_regiis.exe -pd section -app virtual_directory


-- Concrete example of decrypting the Web.config file for a particular website...
aspnet_regiis.exe -pdf "connectionStrings" "C:\Inetpub\wwwroot\MySite"
-- or --
aspnet_regiis.exe -pd "connectionStrings" -app "/MySite"
  Permalink  
v2
Comments
ernieball_26 4-Oct-12 23:54pm
   
Oops! I have typed it incorrectly, yes it should be '-pd' or '-pdf'. I was reading a lot of articles regarding my problem. It seems that there is a key which is generated by DPAPI. Since the application is running on a server, I assume that the key is also in there. My point now is, how's the key called (Master key? ect.)? Where can I find the key? Can I copy it and have it on my local machine?
Sandeep Mewara 5-Oct-12 1:08am
   
Does it mean your issue is resolved and now you have few followup questions?
Did you go through the above links?

As such, it looks a standard algorithm to encrypt and decrypt.
ernieball_26 5-Oct-12 1:21am
   
My problem isn't solved yet. Yes, I've gone on all the links you've suggested. I'm now getting the error message:

"The configuration for physical path: cannot be opened." What seems to be the cause of this? I'm pretty sure I supplied it with the correct path.
Sandeep Mewara 5-Oct-12 1:29am
   
Proper access permissions in place?

Try opening the command window as Administrator and then try to apply the script.
ernieball_26 5-Oct-12 1:44am
   
uhh! Same error message, "Key not valid for use in a specified state". Would it be possible if I re-encrypt it again?
Sandeep Mewara 5-Oct-12 1:59am
   
Try and see!
Sandeep Mewara 5-Oct-12 2:00am
   
As mentioned here: http://forums.asp.net/t/1536219.aspx/1

Try:
before you encrypt your web.config, add a machineKey section in you config file. that should solve the problem. here's a sample entry:

Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 3

Web.config File - ASP.NET[^] Useful article for you.
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month


Advertise | Privacy | Mobile
Web04 | 2.8.160208.1 | Last Updated 15 May 2013
Copyright © CodeProject, 1999-2016
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100