I have a web.config that contains three "identities" of only which one is listed under system.web.
Running the following command successfully encrypts the top most identity listed under system.web aspnet_regiis -pef "system.web/identity" "C:\Inetpub\websitedirectory" -prov "CustomProvider"
The layout of these last two identities are similiar to the example below.
<location path="blah.aspx"> <system.web>
<identity impersonate="true" userName="<user>" password="<password>"/>
<authorization>
<allow users="?"/>
</authorization> </system.web> </location>
Anyone know how can I encrypt these last two identities?
Hello There is a way to store your credentials in the registry and you can encrypt identity with downloadable ASPNET_SETREG.exe program. I tried but I failed so, if you succeed to use it, thanks to explain here. Best regards, Laurent
Marked as answer by Leo Tang - MSFT on Mar 22, 2012 06:52 AM
encrypted the particular username/password combinations.
exported the applicable registry keys. Since aspnet_setreg is a 32-bit utility and I was running this on a 64-bit system, I had to pull the keys out of the Wow6432Node tree.
modified the exported registry keys in notepad to remove references to Wow6432Node
Copied the registry keys to the applicable servers
imported the above registry keys
went back and updated web.config's to reference identities stored in the registry
Since "ServerName\Users" have read access to the registry keys I didn't have to modify any permissions.
pjhanson
5 Posts
encrypt web.config identity
Mar 13, 2012 09:20 PM|LINK
I have a web.config that contains three "identities" of only which one is listed under system.web.
Running the following command successfully encrypts the top most identity listed under system.web
aspnet_regiis -pef "system.web/identity" "C:\Inetpub\websitedirectory" -prov "CustomProvider"
However this leaves the remaining identities in clear text. I've tried running the following but it didn't worked either.
aspnet_regiis -pe system.web/identity -app /[vdir] -location [IdentityName] -prov "CustomProvider"
(http://odetocode.com/Blogs/scott/archive/2006/05/30/encrypting-identities-in-web-config.aspx)
The layout of these last two identities are similiar to the example below.
<location path="blah.aspx">
<system.web>
<identity impersonate="true" userName="<user>" password="<password>"/>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
Anyone know how can I encrypt these last two identities?
Thanks!
pjhanson
5 Posts
Re: encrypt web.config identity
Mar 16, 2012 05:11 PM|LINK
Laurent Jord...
3 Posts
Re: encrypt web.config identity
Mar 18, 2012 03:37 PM|LINK
pjhanson
5 Posts
Re: encrypt web.config identity
Apr 11, 2012 10:23 PM|LINK
Thank you! My Google-Fu wasn't returning anything along those lines. Your suggestion brought me to a Microsoft KB article:
http://support.microsoft.com/kb/329290
Since "ServerName\Users" have read access to the registry keys I didn't have to modify any permissions.
Thanks!