In Visual Studio 2012 I'm working on an ASP.NET MVC application which requires a Virtual Directory under the main application directory called "Shared". This happens to point to a UNC path, so I need to also specify the username & password to access the path with.
I'm doing so with the following command:
C:\Program Files\IIS Express> AppCmd.exe SET VDir /username:"DOMAIN\user" /password:"Password"
But when I run the application, I get the following configuration error when attempting to access the Shared virtual directory:
Failed to decrypt attribute 'password' because the keyset does not exist
The error screen then highlights the corresponding <virtualDirectory>
element in my applicationHost.config
file:
<virtualDirectory path="/Shared" physicalPath="\\MyNAS\MyUNCPath\Shared" userName="DOMAIN\user" password="[enc:RsaProtectedConfigurationProvider:ALONGENCRYPTIONSTRINGISHERE==:enc]" />
Now, I've been Googling madly for a couple of hours, and I've seen several comments indicating that the default (correct?) encryption type for my password in this scenario should be "AesProvider" not "RsaProtectedConfigurationProvider". But there doesn't seem to be any way to explicitly declare the encryption provider to use when setting the password.
In case it's helpful, the provider list in my applicationHost.config
looks like this:
<configProtectedData>
<providers>
<add name="IISWASOnlyRsaProvider" type="" description="Uses RsaCryptoServiceProvider to encrypt and decrypt" keyContainerName="iisWasKey" cspProviderName="" useMachineContainer="true" useOAEP="false" />
<add name="AesProvider" type="Microsoft.ApplicationHost.AesProtectedConfigurationProvider" description="Uses an AES session key to encrypt and decrypt" keyContainerName="iisConfigurationKey" cspProviderName="" useOAEP="false" useMachineContainer="true" sessionKey="ALONGENCRYPTIONKEYSTRINGISHERE" />
<add name="IISWASOnlyAesProvider" type="Microsoft.ApplicationHost.AesProtectedConfigurationProvider" description="Uses an AES session key to encrypt and decrypt" keyContainerName="iisWasKey" cspProviderName="" useOAEP="false" useMachineContainer="true" sessionKey="ANOTHERENCRYPTIONKEYSTRINGISHERE" />
</providers>
</configProtectedData>
My gut says there's some misconfiguration here, but I have no idea how to identify and fix the problem. Any ideas?