7

Create app.config in wpf (c#)

<?xml version="1.0"?>
<configuration>
  <connectionStrings>
    <clear />
    <add name="Name"
     providerName="MySql.Data"
     connectionString="Server=.net;Uid=;Pwd=H;Database=;charset=utf8;Allow Zero Datetime=true;" />
  </connectionStrings>
</configuration>

used code C#:

    Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
    ConnectionStringsSection conStr = config.ConnectionStrings;
    if (!conStr.SectionInformation.IsProtected)
    {
        conStr.SectionInformation.ProtectSection("RSAProtectedConfigurationProvider");
        conStr.SectionInformation.ForceSave = true;
        config.Save();
    }
    else
    {
        foreach (ConnectionStringSettings ss in conStr.ConnectionStrings)
            Console.WriteLine(ss);
        Console.Read();
    }

config.Save(); - causes exception:

{"Failed to encrypt the section 'connectionStrings' using provider 'RsaProtectedConfigurationProvider'. The error message from the provider: Object already exists .\r\n"}

AlG
  • 14,697
  • 4
  • 41
  • 54
Mediator
  • 14,951
  • 35
  • 113
  • 191
  • 1
    @ThiefMaster: That is patently false. – jason Dec 01 '10 at 23:48
  • @ThiefMaster, I this read from forum...How is it done? – Mediator Dec 01 '10 at 23:50
  • Possible duplicate: http://stackoverflow.com/questions/42115/app-config-connection-string-protection-error – Cocowalla Dec 02 '10 at 01:16
  • @Jason: What's a good reason to encrypt a config file? The application needs to be able to decrypt it anyway so one could just extract the encryption keys from it... – ThiefMaster Dec 02 '10 at 01:20
  • 1
    @ThiefMaster: encrypting configuration files is common. It protects the configuration file against accidental media loss and against reads from unauthorized accounts. The config sections are protected using DPAPI. The fact that the .Net framework classes that manipulate config sections have explicit methods to encrypt and decrypt content should be a big warning sign that this operation is very, very legit. – Remus Rusanu Dec 02 '10 at 01:49
  • @ThiefMaster: It appears you made a bold statement without even understanding what is involved here. That's fine; we all do it from time to time. What saddens me is the upvotes on your comment. 1. You encrypt a configuration file to protect data. An example might be a database connection string. 2. You don't need to store a key in the executable; there are built-in routines for handling this problem and they are very secure. – jason Dec 02 '10 at 01:54
  • Deleted it.. it sounded like somebody was going to put sensitive data in a config file shipped to other people assuming they have no possibility of finding out that data. And in thise case it would have a bad thing indeed. – ThiefMaster Dec 02 '10 at 02:18
  • Everything is so simple? so give an example! I have not had a can to solve this. I need exmpale – Mediator Dec 02 '10 at 13:05
  • possible duplicate of [How should I encrypt the connection string in app.config?](http://stackoverflow.com/questions/5200805/how-should-i-encrypt-the-connection-string-in-app-config) – Peter Ritchie Feb 26 '13 at 18:20

3 Answers3

1

I was getting the same exception on Save. By running the application as an Administrator, I was able to get around this.

I added an app.manifest file to my project, and changed the execution level like so: requestedExecutionLevel level="requireAdministrator" uiAccess="false"

This way, I always run as admin, and have permissions to save the encrypted section.

Greg Thatcher
  • 1,303
  • 20
  • 29
1

Check the SectionInformation.ProtectSection Method

also check here

biju
  • 17,554
  • 10
  • 59
  • 95
0

You could look at using the aspnet_regiis.exe to perform encryption for you. Refer to this MSDN Link

This way you could perform encryption without writing code.

Prasanna K Rao
  • 1,086
  • 2
  • 8
  • 18
  • 1
    That works only with web.config files for ASP.Net hosted apps. – Remus Rusanu Dec 02 '10 at 01:52
  • It looks more like a permission issue. Can you try using the `DataProtectionConfigurationProvider`? Can you try to give additional permission to your login id via this command `aspnet_regiis -pa "NetFrameworkConfigurationKey" {domain}\{user}`? – Prasanna K Rao Dec 02 '10 at 09:50
  • Based on my experience, this approach does not work. See http://stackoverflow.com/q/39351945/147637 and http://stackoverflow.com/q/39338800/147637 – Jonesome Reinstate Monica Sep 12 '16 at 19:04
  • This works with both Web.Config and App.Config. Just rename App.Config as Web.Config. https://learn.microsoft.com/en-us/dotnet/framework/data/adonet/connection-strings-and-configuration-files?redirectedfrom=MSDN – J Weezy Jan 25 '21 at 22:51