我一直在运行 XP home 的旧机器上开发 ASP.NET 站点。我最近买了一台新的 Win 7 电脑,并将我的所有项目文件移到了一起。当我尝试运行该项目时,收到以下错误消息:
“无法使用提供程序‘MyRsaProtectedConfigurationProvider’解密。来自提供程序的错误消息:无法打开 RSA 密钥容器。”
我意识到我使用 RSA 加密
加密了 web.config 文件的部分内容。现在的问题就出在这里。我不知道如何让该密钥再次工作,以便我可以在我的新机器上使用它。我从旧计算机导出密钥并使用以下命令导入:
aspnet_regiis -pi "RSAProviderName" "C:\RSA_configkey.xml"
已成功导入。然后我运行了该项目,但出现了相同的错误消息。我认为这可能是一个权限问题,所以我运行:
aspnet_regiis -pa "RSAProviderName" "\Desktop" -full
这也成功了,但我仍然收到错误。通过阅读,我看到人们使用“ASPNET”而不是“\Desktop”(Desktop 是我的计算机名称)。但是,当我尝试使用“ASPNET”时,我得到:
帐户名和安全 ID 之间没有完成映射。
在修复此问题之前我无法处理该项目,因此非常感谢任何帮助。
谢谢!
I've been developing an ASP.NET site on an older machine running XP home. I recently got a new Win 7 PC and moved all my project files across. When I try and run the project, I get this error message:
"Failed to decrypt using provider 'MyRsaProtectedConfigurationProvider'. Error message from the provider: The RSA key container could not be opened."
I realised that I encrypted parts of my web.config file using a RSA encryption
. This is where the problem now lies. I'm not sure how to get that key working again so that I can use it on my new machine. I exported the key from the older machine and imported it using:
aspnet_regiis -pi "RSAProviderName" "C:\RSA_configkey.xml"
This was imported successfully. I then ran the project, but the same error message came up. I figured it might be a permission thing, so I ran:
aspnet_regiis -pa "RSAProviderName" "\Desktop" -full
This was also successful, but I still get the error. From reading around, I've seen people use "ASPNET" instead of "\Desktop" (Desktop is my machine name). However, when I try and use "ASPNET", I get:
No mapping between account name and security IDs was done. <Exception from HRESULT = 0x80070534
I can't work on the project until this is fixed, so any help is much appreciated.
Thanks!
发布评论
评论(3)
如果您仍然可以访问旧计算机,则始终可以解密该计算机上的配置部分,然后将未加密的配置文件复制到新计算机(并且,如有必要,请重新加密旧计算机上的文件)。
在 Windows 7 上,默认情况下运行 IIS 应用程序池的帐户可能是 ApplicationPoolIdentity (与ASPNET相反)。要授予权限,请尝试以下操作:
顺便说一句,如果您决定坚持将密钥从旧计算机复制到新计算机,则应确保在导出时也导出私钥数据:
并且,可选,使关键数据在导入过程中可导出:
If you still have access to the older machine, you could always decrypt the configuration section on that machine, then copy the unencrypted config file to the new machine (and, if necessary, re-encrypt the file on the old machine).
On Windows 7, the account under which your IIS application pools run by default will likely be ApplicationPoolIdentity (as opposed to ASPNET). To grant permissions, try this:
By the way, if you do decide to persevere with copying the key from the old machine to the new one, you should make sure that, when exporting, you export the private key data too:
And, optionally, to make the key data exportable during the import:
我遇到了同样的问题,但使用管理员运行 commandprompt/powershell 解决了该问题。
I was facing the same issue, But running the commandprompt/powershell using administrator resolved the issue.
就我而言,Visual Studio 应该以管理员身份执行;否则无法打开 RSA 密钥容器。
In my case, Visual Studio should be executed AS Administrator; Otherwise it cannot open the RSA Keys container.