Creating an RSA Key Container

mike55

Hi

I am trying to create an RSA key container. Here are the commands that I am using:
Code:
1.  This creates the key container.
aspnet_regiis -pc "myKey" -exp

2. This grants authority to access the key container.
aspnet_regiis -pa "myKey"  "NT AUTHORITY\NETWORK SERVICE"

My problem now is, where is the key container that I have created stored? According to Microsoft it is located at:
\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys

However I do not have the Application Data folder. How can I find it?

Mike55.
 
Solution to my problem is this:
Code:
aspnet_regiis -px "myKey" key.xml -pri

This exports the key container to an xml file.

Here is the full list of commands:
Creating an RSA Key Container - User may be in folder: "C:\Windows\Microsoft.net\Framework\V2.0.50727\" or higher.

1. Create the key container: aspnet_regiis -pc "myKey" -exp (where myKey is the container's name)

2. Grant authority to access the container: aspnet_regiis -pa "myKey" "NT AUTHORITY\NETWORK Service"

3. Export the key container: aspnet_regiis -px "myKey" key.xml -pri

4. Import the key container to another machine: aspnet_regiis -pi "myKey" key.xml


Changes to be made to the web.config file

1. Add the following code:
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
  <configProtectedData>
    <providers>
      <!-- name is the provider name passed to -prov; keyContainerName is the RSA key container -->
      <add name="myKey"
           type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL"
           keyContainerName="MyKeys"
           useMachineContainer="true"/>
    </providers>
  </configProtectedData>
  <!-- remaining web.config sections -->
</configuration>


Encrypting web.config file

1. aspnet_regiis.exe -pe connectionStrings -app /MyApp -prov myKey
*Note: replace MyApp with the name of your application.

Decrypting web.config file

1. aspnet_regiis.exe -pd connectionStrings -app /MyApp
*Note: replace MyApp with the name of your application.


**Note: It would seem that I have forgotten one command; this has resulted in the error:
"Failed to decrypt using provider 'RsaProtectedConfigurationProvider'. Error message from the provider: The RSA key container could not be opened"
To solve this issue, use the following command:
aspnet_regiis -pa "MyKeys" "ASPNET"
*Note that "MyKeys" is the name of my key container; you may need to change this to suit your own particular situation.

Mike55.
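
Added example, not part of the post above: a Python check (chosen here so it can run away from the web server) that reads a web.config and reports whether each section is encrypted, under which provider, and which key container that provider maps to, which is the name `aspnet_regiis -pa` expects. The sample file, the `audit` and `local` helpers and the placeholder cipher text are constructed for illustration.

```python
import xml.etree.ElementTree as ET

XMLENC = "{http://www.w3.org/2001/04/xmlenc#}EncryptedData"

# Constructed sample: a web.config after "aspnet_regiis -pe connectionStrings ... -prov myKey".
# Cipher text is a placeholder; appSettings is left in clear text for contrast.
SAMPLE = """<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
  <configProtectedData>
    <providers>
      <add name="myKey"
           type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration"
           keyContainerName="MyKeys" useMachineContainer="true"/>
    </providers>
  </configProtectedData>
  <connectionStrings configProtectionProvider="myKey">
    <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#">
      <CipherData><CipherValue>PLACEHOLDER</CipherValue></CipherData>
    </EncryptedData>
  </connectionStrings>
  <appSettings><add key="ApiPassword" value="constructed-secret"/></appSettings>
</configuration>"""

def local(tag):
    """Strip the XML namespace so the check works with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def audit(xml_text, sections=("connectionStrings", "appSettings")):
    root = ET.fromstring(xml_text)
    # Map provider name -> key container, reading only <configProtectedData>.
    providers = {}
    for cpd in root.iter():
        if local(cpd.tag) == "configProtectedData":
            for add in cpd.iter():
                if local(add.tag) == "add":
                    providers[add.get("name")] = add.get("keyContainerName")
    report = {}
    for child in root:
        name = local(child.tag)
        if name in sections:
            prov = child.get("configProtectionProvider")
            report[name] = {
                "encrypted": prov is not None and child.find(XMLENC) is not None,
                "provider": prov,
                # False can also mean the provider is declared in machine.config.
                "provider_declared": prov in providers,
                "key_container": providers.get(prov)}
    return report

if __name__ == "__main__":
    for section, info in audit(SAMPLE).items():
        print(section, info)
```

On the sample, connectionStrings is reported as encrypted under provider myKey with key container MyKeys, and appSettings as still in clear text.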
 