How to decrypt "DataProtectionConfigurationProvider" in web.config?

Question

0.00/5 (No votes)

See more:

I want to know if it is possible to decrypt "DataProtectionConfigurationProvider" which is responsible in encrypting the connectionString in the web.config file. I am not the one who developed the system that is why I need to know the decrypted value. I have been searching for solutions or workarounds in google. So far, I have tried this in the Visual Studio Command Prompt:

aspnet_regiis.exe -pef "connectionStrings" "my web.config file path"

Unfortunately, I am getting this error:

Failde to decrypt using provider 'DataProtectionConfigurationProvider'. Error messafe from the provider: Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B)... and so on.

I am decrypting it in a different computer.

Please help!

Thanks CodeProject peeps!

Posted 4-Oct-12 1:31am

ernieball_26

Add a Solution

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Member 7713647 · Answer 1 · 2012-10-04T07:01:00

Solution 1

I recommend you to look at www.asp.net/videos. They have many videos that can help you out. I recently watched a video on how to encrypt and decrypt configuration data such as connection string, etc...

Posted 4-Oct-12 7:01am

Member 7713647

Sandeep Mewara · Answer 2 · 2012-10-04T10:16:00

Solution 2

I believe it should be '-pd' instead of '-pef' for decrypting.

Refer:
MSDN: How To: Encrypt Configuration Sections in ASP.NET 2.0 Using DPAPI[^]
MSDN: How to: Decrypt a web.config File[^]

UPDATE:
Refer: Encrypting Configuration Information in ASP.NET 2.0 Applications[^]

-- Generic form for decrypting the Web.config file for a particular website...
aspnet_regiis.exe -pdf section physical_directory
-- or --
aspnet_regiis.exe -pd section -app virtual_directory

-- Concrete example of decrypting the Web.config file for a particular website...
aspnet_regiis.exe -pdf "connectionStrings" "C:\Inetpub\wwwroot\MySite"
-- or --
aspnet_regiis.exe -pd "connectionStrings" -app "/MySite"

Posted 4-Oct-12 10:16am

Sandeep Mewara

Updated 4-Oct-12 10:18am

v2

Comments

ernieball_26 4-Oct-12 23:54pm

Oops! I have typed it incorrectly, yes it should be '-pd' or '-pdf'. I was reading a lot of articles regarding my problem. It seems that there is a key which is generated by DPAPI. Since the application is running on a server, I assume that the key is also in there. My point now is, how's the key called (Master key? ect.)? Where can I find the key? Can I copy it and have it on my local machine?

Sandeep Mewara 5-Oct-12 1:08am

Does it mean your issue is resolved and now you have few followup questions?
Did you go through the above links?

As such, it looks a standard algorithm to encrypt and decrypt.

ernieball_26 5-Oct-12 1:21am

My problem isn't solved yet. Yes, I've gone on all the links you've suggested. I'm now getting the error message:

"The configuration for physical path: <my file="" path=""> cannot be opened." What seems to be the cause of this? I'm pretty sure I supplied it with the correct path.

Sandeep Mewara 5-Oct-12 1:29am

Proper access permissions in place?

Try opening the command window as Administrator and then try to apply the script.

ernieball_26 5-Oct-12 1:44am

uhh! Same error message, "Key not valid for use in a specified state". Would it be possible if I re-encrypt it again?

Sandeep Mewara 5-Oct-12 1:59am

Try and see!

Sandeep Mewara 5-Oct-12 2:00am

As mentioned here: http://forums.asp.net/t/1536219.aspx/1

Try:
before you encrypt your web.config, add a machineKey section in you config file. that should solve the problem. here's a sample entry:
<machinekey validationkey="C50B3C89CB21F4F1422FF158A5B42D0E8DB8CB5CDA1742572A487D9401E3400267682B202B746511891C1BAF47F8D25C07F6C39A104696DB51F17C529AD3CABE" decryptionkey="8A9BE8FD67AF6979E7D20198CFEA50DD3D3799C77AF2B72F" validation="SHA1">

Аslam Iqbal · Answer 3 · 2013-05-15T01:00:00

Solution 3

Web.config File - ASP.NET[^] Useful article for you.

Posted 15-May-13 1:00am

Аslam Iqbal