Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Feb 03, 2010 04:10 AM by jkirkerx
Aug 02, 2007 08:59 AM|LINK
We have web farm scenario and connection string is
encrypted using RSA.
It's working fine on server, but some time (1 case out of 20 cases) iIt shows error like:
"Failed to decrypt using provider 'RsaProtectedConfigurationProvider'. Error message from the provider: The RSA key container could not be opened"
- Windows 2003 server (2 servers - web farm).
- .NET Framework 2.0.
- Connection string encrypted using RSA, I followed steps as given in
- XML file exported from one server and imported on another server.
- Given rights using aspnet_regiis -pa "CustomKeys" "NT Authority\Network Service"
on both the server.
any suggestion on this.
Aug 02, 2007 11:19 AM|LINK
Aug 02, 2007 11:50 AM|LINK
Thanks for reply.
When I deployed my application at that time I had followed all the steps same as link suggested by you.
But problem is:
I am getting this error only some time (Rarely) mostly my application working fine. Suppose I get an error on any page and at the same time if I refresh that page the error gone and I got that page working fine [:)]. Suppose I have done
mistake in deployment, then it should not worked all the time. But it is working fine most the time.
Aug 02, 2007 11:57 AM|LINK
Post your web.config file with the RSA configuration.
Aug 03, 2007 06:09 AM|LINK
As I can not post whole web.config, I am posting only connection string section. Please let me know if you need any other section of the web.config file.
description="Uses RsaCryptoServiceProvider to encrypt and decrypt"
type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=188.8.131.52, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
Aug 03, 2007 03:21 PM|LINK
You config looks ok. Do one thing. Try adding the <clear/> tag after <providers>
Check and see if it works fine.
Aug 06, 2007 10:23 AM|LINK
Thanks for giving me reply.
I tried your suggestion (<clear />), but still facing the same problem.
Is there any security issue? I have given permission to only "NT Authority\Network Service" user. Is there any other user to whom need to give permission?
Aug 07, 2007 02:26 AM|LINK
Aug 07, 2007 04:48 AM|LINK
Hi Rex Lin
I have already followed all the steps for
web farm… Exported XML file from production server and
imported XML file on both the web server, given access rights to Network Services.
Feb 14, 2008 12:46 PM|LINK
Excellento. Thank you
Rex Lin - MSFT
I have been trying to Learn WCF and have tried to create a simple WCF service using Enterprise Library Framework and consume it in a client application. Unfortunately i have been struggling with the same error - "Failed to decrypt using provider 'RsaProtectedConfigurationProvider'.
Error message from the provider: The RSA key container could not be opened" , when I run my client.
My workstation is a Windows 2003 Standard server. I tried various forums and even the aspnet_regiis -pa "NetFrameworkConfigurationKey" "ASPNET" . But no help. Today after reading your comment, i tried the following:
aspnet_regiis -pa "NetFrameworkConfigurationKey" "Network Service" and GUESS WHAT!!!!!!!!!!!!
It WORKED!!!!!!!!!!!!! PHEW!!!!!
Windows 2003 Server
Windows Server 2003
web service configuration