Encrypt and Decrypt Web.config Using aspnet_regiis.exe Tool

Using aspnet_regiis.exe tool to Encrypt and Decrypt Web.config Sections

Prerequisite (Deployment Server)

1. Locate the Framework Folder in the IIS Server, Ex: C:\Windows\Microsoft.NET\Framework{xx}\ v4.0.xxxxx OR v2.0.xxxxx.
2. Run the command prompt as Administrator Access,

Note. This tool (aspnet_regiis.exe) is typically found in the .NET Framework directory:

• C:\Windows\Microsoft.NET\Framework\v4.0.xxxxx\aspnet_regiis.exe
• C:\Windows\Microsoft.NET\Framework64\v4.0.xxxxx\aspnet_regiis.exe (for 64-bit)

Prerequisite (Local Development Machine)

1. Run the Developer Command Prompt for VS 20xx as Administrator Access

Commands to Execute

• To Encrypt Section

  > aspnet_regiis.exe -pef “<Section Name>” “<Physical Path located the Config File>”

• To Decrypt Section

  > aspnet_regiis.exe -pdf “<Section Name>” “<Physical Path located the Config File>”

Note

Encrypt or Decrypt Configuration Sections

• -pef <section> <physicalPath> → Encrypts a specific configuration section.

Example: aspnet_regiis -pef "appSettings" "C:\MyApp"

• -pdf <section> <physicalPath> → Decrypts a specific configuration section.

Example: aspnet_regiis -pdf " appSettings" "C:\MyApp"