If you are getting a message for your recently developed .Net application when you publish to the server to the effect of:
Chances are the server you are deploying to does not have the appropriate framework to support your app.
Download the Microsoft .Net Framework 4.6.1 and install it to resolve this. It will likely require a server reboot to complete it so don’t do it on prod mid-day! Hope this helps, questions are welcome!
The Issue:
After I had updated my .Net Core on my developer machine to a newer version I went to debug a web application I had and received this error:
Could not load file or assembly 'DotNetOpenAuth.Core, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)
The Problem:
Here is what I had in my config prior to the update install:
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="DotNetOpenAuth.Core" publicKeyToken="2780ccd10d57b246" />
<bindingRedirect oldVersion="1.0.0.0-4.0.0.0" newVersion="4.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="DotNetOpenAuth.AspNet" publicKeyToken="2780ccd10d57b246" />
<bindingRedirect oldVersion="1.0.0.0-4.0.0.0" newVersion="4.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="EntityFramework" publicKeyToken="b77a5c561934e089" />
<bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
I had outdated references in my config file.
The Solution:
Ensure your references get updated after you update your development environment.
Here is what I updated to:
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="DotNetOpenAuth.AspNet" publicKeyToken="2780ccd10d57b246" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.3.0.0" newVersion="4.3.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="DotNetOpenAuth.Core" publicKeyToken="2780ccd10d57b246" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.3.0.0" newVersion="4.3.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="EntityFramework" publicKeyToken="b77a5c561934e089" />
<bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
Hope that helps. Questions are always welcome.
This page will attempt to describe how to encrypt sensitive information contained in .NET config files using the RSA Key Container, as well as how to export/import the key from that container so that other developers may use the same key to work on the same project.
Helpful Tips: The aspnet_regiis.exe utility must be run as a administrator, otherwise you may receive “duplicate object” errors. In addition, you will want to run Visual Studio as an administrator to ensure the program has access to the RSA Key Container store.
Creating a Custom RSA Key Container
In this part we will create an RSA key container by using aspnet_regiis.exe with the -pc option. This identifies the RSA key container as a user-level key container. RSA key containers must be identified as either user-level (by using the -pku option) or machine-level (by not using the -pku option). For more information about machine-level and user-level RSA key containers, see Understanding Machine-Level and User-Level RSA Key Containers.
In this example the following command will create an RSA key container named SampleKeys that is a machine-level key container and is exportable:
cd \WINDOWS\Microsoft.Net\Framework\v4.0.* aspnet_regiis -pc "SampleKeys"–exp
Adding your provider to the web.config
The following example shows the configProtectedData section of a Web.config file. The section specifies an RsaProtectedConfigurationProvider that uses a machine-level RSA key container named SampleKeys.
<configProtectedData>
<providers>
<add keyContainerName="SampleKeys" useMachineContainer="true" description="RsaCryptoServiceProvider" name="SampleKeys" type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</configProtectedData>
Importing and Exporting the Key Container
In order for another developer to run your project (encrypted by your key) you will need to export a key to be used by another developer:
aspnet_regiis -px "SampleKeys" "C:\keys.xml" -pri
Once you pass this along to another user to use then import with the following command:
aspnet_regiis -pi "SampleKeys" "C:\keys.xml"
If this is a machine level container, the code should now run without the need to assign permissions. However, if it’s a user container (i.e. your app pool is ran by a specific user or service account), additional permissions may need to be assigned:
aspnet_regiis -pa "SampleKeys" "NT AUTHORITY\NETWORK SERVICE" aspnet_regiis -pa "SampleKeys" "[impersonation account]"
To use the default RsaProtectedConfigurationProvider specified in the machine configuration, you must first grant the application’s Windows identity access to the machine key container named NetFrameworkConfigurationKey, which is the key container specified for the default provider. For example, the following command grants the NETWORK SERVICE account access to the RSA key container used by the default RsaProtectedConfigurationProvider:
aspnet_regiis -pa "NetFrameworkConfigurationKey" "NT AUTHORITY\NETWORK SERVICE"
Encrypting and Decrypting Config Sections
.NET allows specific sections of a config file to be encrypted, so non-sensitive information can still be accessed. To encrypt a section:
aspnet_regiis -pef [section] [path] -prov [provider]
Where [section] is the name of the config section, relative to the configuration tag. [path] is the relative path to the directory containing the web.config file. For example, the following commands will encrypt the appSettings section as well as the impersonation credentials:
cd C:\SolutionFolder aspnet_regiis -pef appSettings ProjectFolder -prov SampleKeys aspnet_regiis -pef system.web/identity ProjectFolder -prov SampleKeys
To decrypt the appSettings section:
aspnet_regiis -pdf appSettings ProjectFolder
Partially Encrypting a Section
It may be necessary to only encrypt part of a section in a web.config file. For example, if the appSettings section contains multiple, non-sensitive keys and only a subset contain sensitive information. To encrypt only a few keys, a second appSettings section must be created and the new keys moved into it. The keys are accessed exactly the same way in the code, so no coding changes are needed.
First, register a new section name called secureAppSettings by placing the following XML under the configuration node:
<configSections> <section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> </configSections>
Next, create a new section called secureAppSettings and move the sensitive keys under it:
<secureAppSettings>
<add key="Username" value="XXX" />
<add key="Password" value="XXX" />
</secureAppSettings>
<appSettings>
<add key="NotSensitive" value="XXX" />
</appSettings>
Finally, the new secure section can be encrypted and decrypted independently of the existing appSettings section:
aspnet_regiis -pef secureAppSettings ProjectFolder -prov ProviderName
App.config
This Microsoft utility was designed for web.config files. It will not find app.config files for other project types. To encrypt these config files, just rename them to web.config prior to encrypting, then rename back afterwards.
Other Helpful Links:
I have received this requirement on more than one occasion so I thought it would benefit others if I posted these snippets. So here we go, let’s export a gridview as an excel file.
For starters let’s add a couple controls to the front-end aspx page:
<asp:Button ID="btnExport" runat="server" Text="Export Results To Excel" /> &nbsp;&nbsp;<br /><br /> <asp:GridView ID="grdSearch" runat="server" CellPadding="3" BackColor="White" BorderColor="#CCCCCC" BorderStyle="None" BorderWidth="1px"> <FooterStyle BackColor="White" ForeColor="#000066" /> <HeaderStyle BackColor="#006699" Font-Bold="True" ForeColor="White" /> <PagerStyle BackColor="White" ForeColor="#000066" HorizontalAlign="Left" /> <RowStyle ForeColor="#000066" /> <SelectedRowStyle BackColor="#669999" Font-Bold="True" ForeColor="White" /> <SortedAscendingCellStyle BackColor="#F1F1F1" /> <SortedAscendingHeaderStyle BackColor="#007DBB" /> <SortedDescendingCellStyle BackColor="#CAC9C9" /> <SortedDescendingHeaderStyle BackColor="#00547E" /> </asp:GridView>
I’m going to assume you know how to wire in your gridview to return results.
With that assumption in place here is the click event that performs the export (in VB):
You will need: Imports System.IO
Protected Sub btnExport_Click(sender As Object, e As EventArgs) Handles btnExport.Click
Try
Response.Clear()
Response.Buffer = True
Response.ClearContent()
Response.ClearHeaders()
Response.Charset = ""
Dim FileName As String = "filename" + DateTime.Now + ".xls"
Dim strwritter As New StringWriter()
Dim htmltextwrtter As New HtmlTextWriter(strwritter)
Response.Cache.SetCacheability(HttpCacheability.NoCache)
Response.ContentType = "application/vnd.ms-excel"
Response.AddHeader("Content-Disposition", Convert.ToString("attachment;filename=") & FileName)
grdSearch.GridLines = GridLines.Both
grdSearch.HeaderStyle.Font.Bold = True
grdSearch.RenderControl(htmltextwrtter)
Response.Write(strwritter.ToString())
Response.[End]()
Catch ex As Exception
' Do something important here if you expect strange results
End Try
End Sub
Now in C#:
You will need: using System.IO;
try {
Response.Clear();
Response.Buffer = true;
Response.ClearContent();
Response.ClearHeaders();
Response.Charset = "";
string FileName = "filename" + DateTime.Now + ".xls";
StringWriter strwritter = new StringWriter();
HtmlTextWriter htmltextwrtter = new HtmlTextWriter(strwritter);
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.ContentType = "application/vnd.ms-excel";
Response.AddHeader("Content-Disposition", Convert.ToString("attachment;filename=") + FileName);
grdSearch.GridLines = GridLines.Both;
grdSearch.HeaderStyle.Font.Bold = true;
grdSearch.RenderControl(htmltextwrtter);
Response.Write(strwritter.ToString());
Response.End();
} catch (Exception ex) {
// Do something important here if you expect strange results
}
I realize you may not need some of the formatting that I used in this example so remove the Gridview related property assignments in the export snippet. Also, depending on how you format your gridview on the aspx page will dictate some of the formatting you have on the spreadsheet. Hope this helps, questions are welcome.
If you have .Net web applications that are connecting to data sources that you do not want other users to know about then chances are it is about time to start encrypting the connection strings. Why is this important? If you have an external website that fails (and you do not have any custom error pages) then you may expose connection information in the stack trace or error messages. Also, you do not want to allow other developers that stumble upon your connection string to see your connection information in clear text. Over time and many applications later I went from trying to remember paths and commands and have created batch files to perform this on a minimal web.config.
I am going to walk through how to create some encrypt/decrypt batch files and how these are used in conjunction with your web.config.
echo Decrypting connection strings C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -pdf "connectionStrings" "C:\decrypter" Pause
echo Encrypting connection strings C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -pef "connectionStrings" "C:\decrypter" Pause
<?xml version="1.0" encoding="utf-8"?> <configuration> <connectionStrings> <add name="Demo" connectionString="Data Source=123.45.67.89;Initial Catalog=DemoCatalog;Persist Security Info=True;User ID=specialuser;Password=specialpassword" providerName="System.Data.SqlClient" /> </connectionStrings> </configuration>
<?xml version="1.0" encoding="utf-8"?> <configuration> <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider"> <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#"> <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" /> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#"> <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <KeyName>Rsa Key</KeyName> </KeyInfo> <CipherData> <CipherValue>You'll Have A Cipher Here.</CipherValue> </CipherData> </EncryptedKey> </KeyInfo> <CipherData> <CipherValue>You'll Have A Cipher Here.</CipherValue> </CipherData> </EncryptedData> </connectionStrings> </configuration>
@JaredMeredith 