I am using Enterprise library v3.1 for developing a windows application. its working well.
but there is a security issue, when i deploy this application on client machine the applicationname .exe.config contains connectionStrin g and other secure information. My question is how I can secure applicationname .exe.config file so that anyone could not open it.
I have tried encryption of Data Access Application Block (with both providers RSA & DPAPI) using enterprise library configuration tool. but when I deploy on client machine it gives these errors:
System.Configur ation.Configura tionErrorsExcep tion: Failed to decrypt using provider 'RsaProtectedCo nfigurationProv ider'. Error message from the provider: The RSA key container could not
be opened. (C:\Program Files\Tesst APP\Test APP.exe.config line 30) --->
System.Configur ation.Configura tionErrorsExcep tion: The RSA key container could not be opened.
System.Configur ation.Configura tionErrorsExcep tion: Failed to decrypt using provider 'DataProtection ConfigurationPr ovider'. Error message from the provider: Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B) (C:\Program Files\Test APP\Test APP.exe.config line 17) ---> System.Runtime. InteropServices .COMException (0x8009000B): Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B).
Also app.config contains
<machineKey validationKey=" somevalue" decryptionKey=" somevalue" validation="SHA 1" />
I want it should be also encrypted.
I will be very thankful for any help.
but there is a security issue, when i deploy this application on client machine the applicationname .exe.config contains connectionStrin g and other secure information. My question is how I can secure applicationname .exe.config file so that anyone could not open it.
I have tried encryption of Data Access Application Block (with both providers RSA & DPAPI) using enterprise library configuration tool. but when I deploy on client machine it gives these errors:
System.Configur ation.Configura tionErrorsExcep tion: Failed to decrypt using provider 'RsaProtectedCo nfigurationProv ider'. Error message from the provider: The RSA key container could not
be opened. (C:\Program Files\Tesst APP\Test APP.exe.config line 30) --->
System.Configur ation.Configura tionErrorsExcep tion: The RSA key container could not be opened.
System.Configur ation.Configura tionErrorsExcep tion: Failed to decrypt using provider 'DataProtection ConfigurationPr ovider'. Error message from the provider: Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B) (C:\Program Files\Test APP\Test APP.exe.config line 17) ---> System.Runtime. InteropServices .COMException (0x8009000B): Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B).
Also app.config contains
<machineKey validationKey=" somevalue" decryptionKey=" somevalue" validation="SHA 1" />
I want it should be also encrypted.
I will be very thankful for any help.