Where is RAS Key when using DataAccessApplicationBlock Encryption?

Topics: Data Access Application Block
Oct 13, 2010 at 6:19 PM


I'm using Enterprise Library 4.1's Configuration Application to Encrypt my Web.Config file's Database Connection Strings. In EntLib's Userinterface I select Data Access Application Block and the select RsaProtectedConfigurationProvider from protection ComboBox. It Encrypts Connection Strings of the Web.Config file.

But ... If I do actions mentioned above in my Workstation and then deploy Application into Server shouldn't I also deploy RSA Key into Server environment?

I don't quite understand how this kind of task should be done especially RSA Key handling. Can anyone help me how to do this kind of action?



Oct 14, 2010 at 4:21 AM
Edited Oct 14, 2010 at 10:52 AM

To share encrypted configuration, you need to create a custom key container, remove the RsaProtectedConfigurationProvider declaring your own.  Follow the steps mentioned here.  Skip step 2-4 since you'll be doing the encryption via the entlib config tool.  For step #5, you should also remove the RsaProtectedConfigurationProvider first before adding the new one.  Thus, the config should be like:

  <remove name="RsaProtectedConfigurationProvider" />
  <add keyContainerName="CustomKeys" 
           description="Uses RsaCryptoServiceProvider to encrypt and decrypt"
           name="RsaProtectedConfigurationProvider" type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

You won't need to execute step #6 for the same reason as skipping 2-4 which is because you will use the entlib config tool to encrypt your configuration (selecting RsaProtectedConfigurationProvider as the Protection Provider property).  Follow the rest of the steps and that's it.

Let me know if anything is unclear.


Sarah Urmeneta
Global Technology and Solutions
Avanade, Inc.