Patricio Treviño

Patricio Treviño

Husband . Father . Developer

Decrypt a configuration section in a configuration file not hosted in IIS

Syntax

aspnet_regiis -pdf <section> <directory> [-pkm]
view raw syntax.text hosted with ❤ by GitHub

Option Description
section The section of the web.config to be encrypted.
directory The IIS website that hosts the web.config.
pkm Encrypts the machine config instead of the local config.

Note: this option looks for a web.config file, there is no way you can specify a difference name. If needed, rename your app.config to web.config, encryp/decrypt, then rename again.

Example

# Given a configuration fle like
# <configuration>
# <configProtectedData>
# <providers>
# <add name="MyProtectedConfigurationProvider"
# type="System.Configuration.RsaProtectedConfigurationProvider, ..."
# keyContainerName="MyKeyContainer"
# useMachineContainer="true" />
# </providers>
# </configProtectedData>
# </configuration>
$ cd "$env.WINDIR/Microsoft.NET/Framework64/v4.0.30319"
$ .\aspnet_regiis -pdf "connectionStrings" "C:/inetpub/Application/"
Microsoft (R) ASP.NET RegIIS version 4.0.30319.18408
Administration utility to install and uninstall ASP.NET on the local machine.
Copyright (C) Microsoft Corporation. All rights reserved.
Decrypting configuration sections...
Succeeded!
view raw example.ps1 hosted with ❤ by GitHub

References

How to: Decrypt a web.config