Encrypting configuration section...
An error occurred creating the configuration section handler for myConfigSection: Could not load file or assembly 'MyAssembly, Version=2.0.0.0, Culture=neutral' or one of its dependencies. The system cannot find the file specified.
...
Failed!
Disheartening, eh? I looked to the Internet and the advice seemed to be to copy the "missing" assembly to the .NET framework folder. I strongly suggest you don't do that, messing around in the framework's folder is not recommended. That folder belongs to Microsoft.
Fortunately I found a much easier workaround. I'll give an example where I encrypt the configuration section for the NWebsec security library, in the DemoSiteWebForms project that's part of the project's solution.
The screenshot shows the error you get when trying to encrypt the nwebsec/httpHeaderSecurityModule section.
 |
| The dreaded configuration section encryption error. |
Now for the workaround. The configuration section is declared at the very top of the config file. Simply comment out the section declaration and you're good to go.
<configSections> <sectionGroup name="nwebsec"> <!-- For information on how to configure NWebsec please visit: http://nwebsec.codeplex.com/wikipage?title=Configuration --> <!-- section name="httpHeaderSecurityModule" type="NWebsec.Modules.Configuration.HttpHeaderSecurityConfigurationSection, NWebsec, Version=2.0.0.0, Culture=neutral"/ --> </sectionGroup> </configSections>
Success! Remember to uncomment the section declaration afterwards and your web.config should be all set.
You'll also need to comment out the configuration section declaration if you want to decrypt the configuration section.
You can have a look at Encrypting Configuration Information Using Protected Configuration to learn more about how configuration encryption works. It's well documented, except for this quirk.
Very clever and Ninjalike
ReplyDeleteGreat finding. I followed your method and received a successful message from the encryption process but nothing has changed to my custom config content at all. Any suggestion would be much appreciated.
ReplyDeleteDid you re-open the file after the configuration section was encrypted? There should be changes to the file when it reports success.
Deletethank you Very much for your Solution.
ReplyDeleteThis is great but if someone has got as far as your web.config then they probably have access to the machine key that you used for encryption.
ReplyDeleteThis means that they will then be able to decrypt it again. I would say this is VERY secret.
Yes, if someone gets access to the production server you might be in trouble, but that depends on their level of access. The key container has its own ACL, and they would need to get hold of both the web.config and the key container file before the damage is done. With write access to the web.config on the production server they could also take a different approach by simply swapping the encrypted configuration with their own unencrypted one. This would be devastating if they did it for e.g. the machineKey settings. The moral of the story: don't let people access production servers unless you trust them. :)
DeleteOne of the primary advantages of encrypting the configuration section is that you can have the (encrypted) web.config in source control, nobody would be able to read the encrypted section unless they also had access to the key container - which should only exist on the production server and on some offline media stored in a safe/vault.
I am still getting same error
ReplyDeleteYou should check which assembly is mentioned in the error message, and comment out the configuration section declaration that refers to that assembly.
DeleteThanks its working fine
DeleteWorked perfectly, thank you! :)
ReplyDeleteI was searching for an acceptable solution forever. This one did the trick! Thanks!
ReplyDeleteI wrote my own tool to perform configuration encryption and decryption to get-around this
ReplyDeleteridiculous problem.
the problem is overcome in two ways, firstly if the assembly cannot be loaded it will automatically search for it recursively in bin directories below the config file. If this fails then It has a parameter that allows you to specify an assembly load hint path where it will look for assemblies that are required. If anyone wants a copy leave a comment. I will look to get this open sourced ASAP as I believe it will be useful.
Carl
Feel free to drop a link here if you open source it!
Deletethis worked. Thanks
ReplyDeleteGreat tip! Thank you
ReplyDeleteworked thanks!
ReplyDeletetrue religion outlet
ReplyDeleteray ban sunglasses
polo ralph lauren outlet online
adidas outlet store
ray ban
nike shoes for men
nike shoes
polo outlet
cheap ray ban sunglasses
prada outlet store
chenlili20170324
I've done this and have my custom section encrypting properly. However, when we run the web application, we get "Unrecognized attribute 'configProtectionProvider'" Have you encountered this?
ReplyDeletemichael kors uk
ReplyDeletecoach outlet
mavericks jerseys
jordan retro
oakley sunglasses
under armour outlet
abercrombie kids
vibram fivefingers
timberland boots
ray ban sunglasses
chenlina20170421
20170518 leilei3915
ReplyDeleteadidas outlet store
polo ralph lauren
mulberry uk
hermes belts outlet
kate spade handbags
kate spade outlet online
nike shoes on sale
oakley sunglasses wholesale
cheap oakley sunglasses
christian louboutin shoes
I encourage you to familiarize with this information on how to tell if your phone is tapped.
ReplyDelete20170929 leilei3915
ReplyDeletepolo ralph lauren
polo ralph lauren
coach factory outlet
pandora charms
cheap uggs
canada goose outlet store
pandora jewelry
moncler outlet
canada goose
kate spade handbags
ugg shoes
ReplyDeletecanada goose jackets
coach outlet store
kate spade handbags
adidas shoes
jordan retro
kate spade outlet store
coach outlet store
nike air max
coach factory outlet
12.09linpingping
Thank you Very much for your Solution.
ReplyDeleteGclub Slot Gclub ruby888
Read the news and listen to music online here.
ReplyDeleteเนื้อเพลงประกอบซีรีย์
ป๊อกเด้ง
เนื้อเพลงลูกทุ่ง
Gclub
Thank you for sharing the post.
ReplyDeletenet worth stat
thank for good sharing,....
ReplyDeleteโกลเด้นสล็อต
goldenslot
golden slot
ทางเข้า goldenslot
goldenslot online
20180831xiaoke
ReplyDeletefreshjive clothing
coach factory outlet
canada goose jackets
polo ralph lauren shirts
canada goose
tory burch sandals
the north face
canada goose outlet online
coach factory outlet
harry winston jewelry
surveillancekart security system
ReplyDeletesurveillancekart cctv installation services
cp plus
Pestveda pest control services
dezigly
The feedgasm Latest News And Breaking News
quicksodes
latest news in hindi
definately enjoy every little bit of it and I have you bookmarked to check out new stuff of your blog a must read blog! same day embroidery
ReplyDeleteI recently found many useful information in your website especially this blog page. Among the lots of comments on your articles. Thanks for sharing
ReplyDelete
ReplyDeleteشركة تنظيف بالمدينة المنورة شركة نظافة بالمدينة المنورة
__
شركة رش مبيدات بالدمام افضل شركة رش مبيدات بالدمام
افضل شركة تنظيف بالدمام افضل شركات تنظيف بالدمام
AVRiQ
ReplyDeletethesportsrumour
ppc for tech support
ReplyDeleteweb designing company in Gurgaon
Some web masters are confused about what web designers do that is different to web 2.0 creationspecialists as sometimes a site will rise in the SERPS after it has been revamped by a web designer. Read this article to find out why a web designer shouldn't be asked to do SEO.
ReplyDelete