I’m trying to grant the ASP.NET identity read access to the default RSA key container, but when I try to do it from comand prompt trough aspnet_regiis tool with the following script aspnet_regiis –pa “NetFrameworkConfigurationKey“ “DIMITIRJE\ASPNET” (The last part is the identity of my application) I get the message: The RSA key container was not found. Failed! Now, I’m using WINDOWS XP Professional SP2 IIS 5.1 and Visual Studio 2005 SDK2.0 so, please anybody, what am I doing wrong?

Let's check the key container in machine.config(usually in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG), locate such section:

<configProtectedData defaultProvider="RsaProtectedConfigurationProvider">
<providers>
<add name="RsaProtectedConfigurationProvider" type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" description="Uses RsaCryptoServiceProvider to encrypt and decrypt" keyContainerName="NetFrameworkConfigurationKey" cspProviderName="" useMachineContainer="true" useOAEP="false" />
<add name="DataProtectionConfigurationProvider" type="System.Configuration.DpapiProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" description="Uses CryptProtectData and CryptUnProtectData Windows APIs to encrypt and decrypt" useMachineProtection="true" keyEntropy="" />
</providers>
</configProtectedData>

Do you have the line in bold in the machine.config?

I have the line in bold but the rest of the script is somewath diferent:

<configProtectedData defaultProvider="RsaProtectedConfigurationProvider">
        <providers>
            <clear />
            <add description="Uses RsaCryptoServiceProvider to encrypt and decrypt" keyContainerName="NetFrameworkConfigurationKey" cspProviderName="" useMachineContainer="true" useOAEP="false" name="RsaProtectedConfigurationProvider" type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
            <add description="Uses CryptProtectData and CryptUnProtectData Windows APIs to encrypt and decrypt" useMachineProtection="true" keyEntropy="" name="DataProtectionConfigurationProvider" type="System.Configuration.DpapiProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
        </providers>
    </configProtectedData>

 

So, whats the verdict?

                     ISNOGOOD
 

Your section seems to be same as mine. Have you customized the configProtectedData section in the web.config of the problematical web application?

No, but I didn't think it was necesery. I am completly new to .NET I'm a JAVA guy, anyway this is my web.config

<?xml version="1.0" encoding="utf-8"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
    <connectionStrings>
        <add name="BazaPivaConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Inetpub\wwwroot\membership\App_Data\BazaPiva.MDF;Integrated Security=True;Connect Timeout=30;User Instance=True"
            providerName="System.Data.SqlClient" />
    </connectionStrings>
    <system.web>
        <roleManager enabled="true" />
        <authentication mode="Forms" />
     
    </system.web>
    <system.net>
        <mailSettings>
            <smtp from="dimitrijemisic@gmail.com">
                <network host="localhost" password="" userName="" />
            </smtp>
        </mailSettings>
    </system.net>
</configuration>

I also have web.config  in two of my subfolders, but they are standard web.config files created when I used ASP.NEt configuration tool to create roles and acces rools.

              ISNOGOOD