1. Open notepad and copy the following code to a new file.
<%@ Page Language="C#" %>
<%
Response.Write(System.Security.Principal.WindowsIdentity.GetCurrent().Name);
%>Save my.aspx to your web directory, run 1 and the form displays “NT AUTHORITY\NETWORK SERVICE”. Success!
2. (key step 1) run cmd and execute the following
aspnet_regiis -pa “NetFrameworkConfigurationKey” “NT AUTHORITY\NETWORK SERVICE”
Note: register the default RsaProtectedConfigurationProvider RSA key container, NetFrameworkConfigurationKey is the default provider for RsaProtectedConfigurationProvider. Success!
3. Now, you can encrypt web.config, run:
Encryption: aspnet_regiis-pe “connectionStrings” -app “/Myweb” Note: “connectionStrings” is the section to be encrypted, and “/Myweb” is the web directory Decryption: aspnet_regiis-pd “connectionStrings” -app “/Myweb”
Success!
4, so you can call in the program (no need to decrypt, ha ha
) : … string connstr= ConfigurationManager.ConnectionStrings[“myConnstr”].ConnectionString.ToString(); …
Similarly, you can create your own RSA key container, as follows:
(1) create “MyKeys” key container and run: aspnet_regiis-pc “MyKeys” -exp (2) add the following to web.config:
<protectedData>
<providers>
<add name="MyProvider"
type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0. 0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d0a3a,
processorArchitecture=MSIL"
keyContainerName="MyKeys"
useMachineContainer="true" />
</providers>
</protectedData>
Save.
(3) grant the account access to the computer level “MyKeys” RSA key container, run:
aspnet_regiis -pa “MyKeys” “NT AUTHORITY\NETWORK SERVICE”
(4) now, you can encrypt web.config, run:
Encryption: aspnet_regiis-pe “connectionStrings” -app “/Myweb” -prov “MyProvider”
Note: “connectionStrings” is the section to be encrypted, “/Myweb” is the web directory, “MyProvider” is its own key container
Decryption: aspnet_regiis-pd “connectionStrings” -app “/Myweb” -prov “MyProvider”