Decrypting app.Config

Do you need to decrypt an app.config file? There are lots of directions explaining the process if you’re dealing with a web application, but if you’re dealing with a windows app or a service of some sort, you don’t have a web.config…  all you have is an app.config. The process isn’t all that different.

Here’s what an encrypted app.config “appSettings” section might look like.

<appSettings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type=""
      <EncryptionMethod Algorithm="" />
      <KeyInfo xmlns="">
        <EncryptedKey xmlns="">
          <EncryptionMethod Algorithm="" />
          <KeyInfo xmlns="">
            <KeyName>Rsa Key</KeyName>

I’ll make the assumption that you’re using the RsaProtectedConfigurationProvider and that it’s already setup. If it’s not, well… you’ll need to get that figured out first. To decrypt the file, you need to follow this process.

Copy your encrypted app.config file to a new file called web.config. Be sure the web.config is in the root directory of your application.

Run the following command – Notice the PDF to indicate we’re working with a physical file location and that the physical file location is the root of the application.

C:\tfs\datfsp101\jetstream\Runtime\Dev\WindowsServices\JetstreamDeviceConsoleService\Config>aspnet_regiis -pdf "appSettings" C:\tfs\datfsp101\jetstream\Runtime\Dev\WindowsServices\JetstreamDeviceConsoleService 

Decrypting configuration section...


Now, you can either rename your original app.config and copy your decrypted web.config over it or you can open web.config and paste the “appSettings” section over the encrypted portion in your app.config. Either way, you’re all set.

Scroll To Top