RsaProtectedConfigurationProvider and EntLib 5.0 Configuration Console

Topics: General discussion
May 27, 2010 at 12:55 AM

This is for general information for those attempting use of RSA generated keys containers and who also wish to use the Enterprise Library 5.0 configuration Console.

The EntLib configuration console will only encrypt/decrypt using the settings for DataProtectionConfigurationProvider or RSAProtectedConfigurationProvider and will not utilize any custom configProtectedData provider with a different NAME you may create in your web.config file.  When searching on the web I did not find a lot of good responses for this newest library.

Microsoft demonstrates how to create/import/export a custom RSA key container and everythng works fine, but the Entlib config console will not see it or use the settings below:


      <add name="SampleProvider" 
           type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=,
                 Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
           useMachineContainer="true" />

To work with the Entlib Configuration Console the trick is to just add a Remove statment for RsaProtectedConfigurationProvider and then Add it back in with your Key info.  This purges the application from using the default Machine.config key setting.

my web config now looks like:

 <configProtectedData defaultProvider="RsaProtectedConfigurationProvider">
			<remove name="RSAProtectedConfigurationProvider"/>
			<add name="RSAProtectedConfigurationProvider" type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration,Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="MYSAMPLE-key" useMachineContainer="true"/>

By using the same NAME RsaProtectedConfiguationProvider I can now use my RSA key already created within the Entlib configuration console.  The setting to point to your RSA key is:  keyContainerName="MYSAMPLE-key"

Hope this helps others attempting to make this work.  the microsoft example works great otherwise, just not with the configuration console..

Jul 3, 2012 at 2:52 PM

Thanks, very much!!!