I currently use this method to encrypt the AppSettings section of my application's web.config file: aspnet_regiis.exe -pe "appSettings" -site "MySite" -app "/"

But now I have moved some settings out to another file using the element

<appSettings file="IndividualAppSettings.config" >

I can still encrypt the app setting in the web.config, but is there any way to encrypt the content of the additional IndividualAppSettings.config file?

We do this all the time as we use external files for each of our environments.

First your appSettings element needs to look like this:

<appSettings configSource="IndividualAppSettings.config" />

Next, we call the encryption from the cmdline using:

aspnet_regiis -pe "appSettings" -prov "{0}" -site {1} -app "/"

where:

• {0} is the name of your encryption provider specified in the web.config.
• {1} is the Id of your site in IIS