Yesterday on our build machine, I created a key container and exported the keys to a file using the aspnet_regiis.exe program (from the v2.0.50727 framework directory). The commands I used were
* aspnet_regiis -pc FlightlineKeyContainer –exp
* aspnet_regiis -px FlightlineKeyContainer FlightlineKeyContainer.xml –pri
I could successfully encrypt sections of my app.config on the build machine. Using the xml file, I imported the keys to a different machine, which could then successfully read the file.
As an experiment, I then deleted the key container on the build machine, using the command 'aspnet_regiis -pz FlightlineKeyContainer'
Interestingly enough, I found when I deleted the key container, I receive no error encrypting the file, however the 2nd machine could no longwe read the encrypted file.
Now I've tried to reimport the keys to the machine, but I'm getting an error. To import, I'm using the command 'aspnet_regiis -pi FlightlineKeyContainer FlightlineKeyContainer.xml –pri' (I've tried with and without the -pri option)
When I import, I get the following output:
Importing RSA Keys from file
Access is denied
Failed!
Is it not valid to import the same keycontainer that has been deleted? Did the delete not really clean everything up? Is there a way I can get around this? I'd rather not go through the process of creating a different key container name.
I can see a file 'C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys' with yesterday's date on it - I've thought about deleting that file, but am not sure if that is something I should be doing.
Thanks,
Beth
* aspnet_regiis -pc FlightlineKeyContainer –exp
* aspnet_regiis -px FlightlineKeyContainer FlightlineKeyContainer.xml –pri
I could successfully encrypt sections of my app.config on the build machine. Using the xml file, I imported the keys to a different machine, which could then successfully read the file.
As an experiment, I then deleted the key container on the build machine, using the command 'aspnet_regiis -pz FlightlineKeyContainer'
Interestingly enough, I found when I deleted the key container, I receive no error encrypting the file, however the 2nd machine could no longwe read the encrypted file.
Now I've tried to reimport the keys to the machine, but I'm getting an error. To import, I'm using the command 'aspnet_regiis -pi FlightlineKeyContainer FlightlineKeyContainer.xml –pri' (I've tried with and without the -pri option)
When I import, I get the following output:
Importing RSA Keys from file
Access is denied
Failed!
Is it not valid to import the same keycontainer that has been deleted? Did the delete not really clean everything up? Is there a way I can get around this? I'd rather not go through the process of creating a different key container name.
I can see a file 'C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys' with yesterday's date on it - I've thought about deleting that file, but am not sure if that is something I should be doing.
Thanks,
Beth