Unable to export RSA Key container file

Question

I need to encrypt my web.config file on my dev machine (Windows XP SP-3) and export the RSA Key to my QA machine (Windows Server 2003). I used the following command to encrypt my file.

aspnet_regiis -pe "appSettings" -app "/VirtualDirectoryName" -prov "RsaProtectedConfigurationProvider"

and then i added the following section in my web.config file

Then i created the RSA container with the name "SampleKeys"

Web.Config was encrypted nicely and i was able to use this file on my dev machine. I however had to turn on "Impersonation" and used my windows userName and password.

I need to export my RSA Key to QA server, so that i can use my the encrypted config file. So i'm trying to export the RSA key and its failing. I don't understand the reason, as i'm following all the steps that are mentioned in the following link; link text

When i try to export the RSA container, i get the error saying that the "RSA container was not found." But when i try to create the RSA container again with the same name, i get the error stating "The RSA container already exists". alt text

even the following command executed successfully.

aspnet_regiis -pa "NetFrameworkConfigurationKey" "NT AUTHORITY\NETWORK SERVICE"

I however could not execute the following command;

aspnet_regiis -pa "SampleKeys" "NT AUTHORITY\NETWORK SERVICE"

I got the same error saying that "RSA container was not found."

I also gave read access to ASPNET user on "C:\Document and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKey" folder. but nothing worked.

Am i missing something?

Kris · Accepted Answer

Found the answer! You always need to reference the "SampleKeys"-exp once you create a key for exporting.

aspnet_regiis -pa "SampleKeys"-exp "NT AUTHORITY\NETWORK SERVICE"

Unable to export RSA Key container file

Answers (2)

Related Questions