I've been developing an ASP.NET site on an older machine running XP home. I recently got a new Win 7 PC and moved all my project files across. When I try and run the project, I get this error message:
我一直在运行XP home的旧机器上开发一个ASP.NET站点。我最近得到了一台新的Win 7 PC,并将我的所有项目文件都移动了。当我尝试运行该项目时,我收到以下错误消息:
"Failed to decrypt using provider 'MyRsaProtectedConfigurationProvider'. Error message from the provider: The RSA key container could not be opened."
“无法使用提供程序'MyRsaProtectedConfigurationProvider'解密。来自提供程序的错误消息:无法打开RSA密钥容器。”
I realised that I encrypted parts of my web.config file using a RSA encryption. This is where the problem now lies. I'm not sure how to get that key working again so that I can use it on my new machine. I exported the key from the older machine and imported it using:
我意识到我使用RSA加密加密了部分web.config文件。这就是现在问题所在。我不确定如何再次使用该键,以便我可以在我的新机器上使用它。我从旧机器导出密钥并使用以下方法导入它:
aspnet_regiis -pi "RSAProviderName" "C:\RSA_configkey.xml"
aspnet_regiis -pi“RSAProviderName”“C:\ RSA_configkey.xml”
This was imported successfully. I then ran the project, but the same error message came up. I figured it might be a permission thing, so I ran:
这是成功导入的。然后我运行了该项目,但出现了相同的错误消息。我认为这可能是一个许可的事情,所以我跑了:
aspnet_regiis -pa "RSAProviderName" "\Desktop" -full
aspnet_regiis -pa“RSAProviderName”“\ Desktop”-full
This was also successful, but I still get the error. From reading around, I've seen people use "ASPNET" instead of "\Desktop" (Desktop is my machine name). However, when I try and use "ASPNET", I get:
这也很成功,但我仍然得到错误。从阅读,我看到人们使用“ASPNET”而不是“\桌面”(桌面是我的机器名称)。但是,当我尝试使用“ASPNET”时,我得到:
No mapping between account name and security IDs was done. <Exception from HRESULT = 0x80070534
帐户名和安全ID之间没有映射。
I can't work on the project until this is fixed, so any help is much appreciated. Thanks!
在修复之前我无法完成项目,因此非常感谢任何帮助。谢谢!
1 个解决方案
#1
27
If you still have access to the older machine, you could always decrypt the configuration section on that machine, then copy the unencrypted config file to the new machine (and, if necessary, re-encrypt the file on the old machine).
如果您仍然可以访问旧计算机,则可以始终解密该计算机上的配置部分,然后将未加密的配置文件复制到新计算机(如果需要,还可以重新加密旧计算机上的文件)。
On Windows 7, the account under which your IIS application pools run by default will likely be ApplicationPoolIdentity (as opposed to ASPNET). To grant permissions, try this:
在Windows 7上,默认情况下运行IIS应用程序池的帐户可能是ApplicationPoolIdentity(而不是ASPNET)。要授予权限,请尝试以下操作:
aspnet_regiis -pa RSAProviderName "IIS APPPOOL\DefaultAppPool" -full
By the way, if you do decide to persevere with copying the key from the old machine to the new one, you should make sure that, when exporting, you export the private key data too:
顺便说一句,如果您决定坚持将密钥从旧计算机复制到新计算机,则应确保在导出时导出私钥数据:
aspnet_regiis -px RSAProviderName C:\RSA_configkey.xml -pri
And, optionally, to make the key data exportable during the import:
并且,可选地,在导入期间使密钥数据可导出:
aspnet_regiis -pi RSAProviderName C:\RSA_configkey.xml -exp
#1
27
If you still have access to the older machine, you could always decrypt the configuration section on that machine, then copy the unencrypted config file to the new machine (and, if necessary, re-encrypt the file on the old machine).
如果您仍然可以访问旧计算机,则可以始终解密该计算机上的配置部分,然后将未加密的配置文件复制到新计算机(如果需要,还可以重新加密旧计算机上的文件)。
On Windows 7, the account under which your IIS application pools run by default will likely be ApplicationPoolIdentity (as opposed to ASPNET). To grant permissions, try this:
在Windows 7上,默认情况下运行IIS应用程序池的帐户可能是ApplicationPoolIdentity(而不是ASPNET)。要授予权限,请尝试以下操作:
aspnet_regiis -pa RSAProviderName "IIS APPPOOL\DefaultAppPool" -full
By the way, if you do decide to persevere with copying the key from the old machine to the new one, you should make sure that, when exporting, you export the private key data too:
顺便说一句,如果您决定坚持将密钥从旧计算机复制到新计算机,则应确保在导出时导出私钥数据:
aspnet_regiis -px RSAProviderName C:\RSA_configkey.xml -pri
And, optionally, to make the key data exportable during the import:
并且,可选地,在导入期间使密钥数据可导出:
aspnet_regiis -pi RSAProviderName C:\RSA_configkey.xml -exp