Thursday, October 8, 2009

Web.Config Custom Configuration sections with RSA

After spending awhile playing with RSA and Custom Configuration Sections I added the following community content:
  • You must compile your ConfigurationSection class as a strongly named assembly (dll) and deploy it to the GAC
    • If you don't, it will try to locate your class in System.Web
  • You should add this to the Compilation\Assemblies section of the Web.config if you will be using the values within a Web Site project (non pre-compiled)
    • Ex: <add assembly="Samples.AspNet, Version=, Culture=neutral, PublicKeyToken=DllPktHere" />
  • The following section declaration should include the full strong named assembly
    • Ex: <section
      type="Samples.AspNet.PageAppearanceSection, Samples.AspNet, Version=, Culture=neutral, PublicKeyToken=DllPktHere"
  • Follow the RSA encryption instructions (
    except for the following:
    • You may need to use the -pef format instead of -pe
    • If you have your section within a group as in the example above, you should use this format: "SectionGroupName/SectionName"
      • This would be instead of the "connectionStrings" section used in the RSA encryption instructions examples.

1 comment:

  1. how do you use this and also refer to the section using configSource and have it encrypt the external file?