Click here to Skip to main content
15,313,293 members
Articles / Security / Encryption
Technical Blog
Posted 25 Apr 2011


19 bookmarked

Encrypt .NET Configuration File

Rate me:
Please Sign up or sign in to vote.
4.14/5 (7 votes)
25 Apr 2011CPOL1 min read
How to encrypt .NET configuration file

Under some scenarios, developers want to encrypt some sections inside app.config or web.config file. This article How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA describes how to do so clearly, Scott Guthrie also posted one: Encrypting Web.Config Values in ASP.NET 2.0.

However, in the posts above, they use aspnet_regiis.exe and it seems it doesn’t directly support app.config, if we want to encrypt app.config for Windows Form or WPF applications While I tried use it to encrypt my app.config file, it generates a web.config which means my Winform definitely can’t use it, even if I copy the encrypted appSettings section from this generated web.config to my own app.config (ConfigurationManager.AppSettings[EncryptedKeyName] is null after I did that).

Config Encrypt

Encrypted WebConfig

After several minutes of Google search and testing, I found the code below is simple and very straight forward to achieve this:

Configuration config = ConfigurationManager.OpenExeConfiguration(

SectionInformation appSettingsSecInfo = config.GetSection(
if (!appSettingsSecInfo.IsProtected)
    Console.WriteLine("The configuration file has NOT been protected!");

    // Encrypt this section by using security provider 
    // (RsaProtectedConfigurationProvider or DpapiProtectedConfigurationProvider).
    appSettingsSecInfo.ForceSave = true;


This code snippet will do the encryption job and works for both app.config/web.config. Here is the MSDN definition page for SectionInformation.ProtectSection.


This article was originally posted at


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Wayne Ye
Software Developer (Senior) SAP Labs Shanghai
China China
Wayne is a software developer, Tech Lead and also a geek. He has more than 6 years' experience in Web development(server: ASP.NET (MVC), Web Service, IIS; Client: HTML/CSS/JavaScript/jQuery/AJAX), Windows development (Winform, Windows Service, WPF/Silverlight, Win32 API and WMI) and SQL Server. Deep understanding of GOF Design Patterns, S.O.L.i.D principle, MVC, MVVM, Domain Driven Design, SOA, REST and AOP.

Wayne's Geek Life

Infinite passion on programming!

Comments and Discussions

QuestionNice Article Pin
xs2mayank13-Oct-15 1:16
Memberxs2mayank13-Oct-15 1:16 
QuestionDeploy encrypted config to other machines Pin
Member 141997020-Jan-13 10:20
MemberMember 141997020-Jan-13 10:20 
GeneralMy vote of 4 Pin
Crawfis29-Dec-11 5:41
MemberCrawfis29-Dec-11 5:41 
GeneralOriginal Reference Pin
MEhran.NET2-May-11 23:17
MemberMEhran.NET2-May-11 23:17 
GeneralRe: Original Reference Pin
Wayne Ye4-May-11 1:17
MemberWayne Ye4-May-11 1:17 
GeneralRe: Original Reference Pin
Crawfis29-Dec-11 5:41
MemberCrawfis29-Dec-11 5:41 
GeneralMy vote of 1 Pin
MEhran.NET2-May-11 23:14
MemberMEhran.NET2-May-11 23:14 
GeneralExcellent. Pin
2374126-Apr-11 11:08
Member2374126-Apr-11 11:08 
GeneralRe: Excellent. Pin
Wayne Ye26-Apr-11 16:04
MemberWayne Ye26-Apr-11 16:04 
GeneralMy vote of 5 Pin
Oshtri Deka26-Apr-11 3:24
professionalOshtri Deka26-Apr-11 3:24 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.