I am using Enterprise library v3.1 for developing a windows application. its working well.but there is a security issue, when i deploy this application on client machine the applicationname.exe.config contains connectionString and other secure information. My question is how I can secure applicationname.exe.config file so that anyone could not open it.
I have tried encryption of Data Access Application Block (with both providers RSA & DPAPI) using enterprise library configuration tool. but when I deploy on client machine it gives these errors:
System.Configuration.ConfigurationErrorsException: Failed to decrypt using provider 'RsaProtectedConfigurationProvider'. Error message from the provider: The RSA key container could not be opened. (C:\Program Files\Tesst APP\Test APP.exe.config line 30) --->
System.Configuration.ConfigurationErrorsException: The RSA key container could not be opened.System.Configuration.ConfigurationErrorsException: Failed to decrypt using provider 'DataProtectionConfigurationProvider'. Error message from the provider: Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B) (C:\Program Files\Test APP\Test APP.exe.config line 17) ---> System.Runtime.InteropServices.COMException (0x8009000B): Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B).
Also app.config contains<machineKey validationKey="somevalue" decryptionKey="somevalue" validation="SHA1" />I want it should be also encrypted.
I will be very thankful for any help.