Encrypting normally involves logging onto the server in question, locating a few mildly obscure pieces of information and then running aspnet_regiis. It's not that hard but it isn't point and click easy as well.

I wanted to make it easier to update these files without needing to locate all the information each time so I wrote a little application to make the whole process a bit easier. The utility uses credentials you supply to log into your servers via WMI and locate the required information and then encrypt your files without needing to pull up a command prompt.

I'm not really a WinForms guy and WMI is certainly not my specialty, but this program came together pretty quickly and seems to be fairly decent.

How It Works

The first step is to provide your credentials to the server you want to log into. If you choose to run the tool on the actual server itself then you can leave all those fields blank (since WMI won't use them for local connections anyways). If you aren't an admin for that server or at least and account with some elevated credentials then this may not work for you.

Once you successfully connect to the server, a list of the sites on the server will be loaded along with any virtual directories (since they could potentially contain a web.config file). At this point you can simply browse around and find the web.config you're wanting to encrypt.

It's worth noting that if there aren't any web.config (that name specifically) found inside the directory then it won't be listed. If you happened to have something named web.temp.config then it won't show up on this list.

At this point the program is going to do a little painful WMI magic and connect out to your server and load the web.config file into the view. The config file will be parsed and all the root nodes will be listed as available to be encrypted.

There are apparently some rules about what can or cannot be encrypted, so if the actual aspnet_regiis call fails, you'll just end up with the same file as before, but you don't get an explicit message as to why (still trying to find out how I can access messages like that in a semi-reliable WMI fashion).

There isn't much configuration for this application. The default settings are used to perform the encryption and decryption of the web.config files, so if you are wanting to add some features on you are more than welcome to add them in. I'd love to hear about your changes so I can add them to this version.

This program is certified as 'Works On My Machine' - The author makes no warranties about how it might behave in your environment (but most likely you have nothing to worry about).