MSDeploy automatic encryption of connection string

Posted 2019-06-16 17:37

Question:

Since Web Deploy 3.5, automatic encryption of connection strings is supported using the flag: -EnableRule:EncryptWebConfig. However, upon running it with:

"C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" -source:package='C:\[...]\MyApp.WebDeployPackage.zip' -dest:auto,includeAcls="False" -verb:sync -disableLink:AppPoolExtension -disableLink:ContentExtension -disableLink:CertificateExtension -setParamFile:"C:\[...]\MyApp.SetParameters.xml" -EnableRule:EncryptWebConfig  -verbose

I get:

Error Code: ERROR_FAILED_TO_ENCRYPT_WEB_CONFIG
More Information: Failed to encrypt destination web.config: C:\[...]\Web.config.  
Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_FAILED_TO_ENCRYPT_WEB_CONFIG.
Error: The given key was not present in the dictionary.

The Learn more-link points to dated documentation, and I can't seem to find any info online.

I suspect the tool is using aspnet_regiis behind the scenes, but I'm not sure. Yes, I'm running the above with full Admin-rights.

Answer 1:

I had the same problem, but it wasn't due to a nested web.config file. Turns out for some reason my deploy user wasn't able to access the key container (in the Web Deployment Service error logs, the exception thrown was System.Configuration.ConfigurationErrorsException: The RSA key container could not be opened.).

I ended up using this command: aspnet_regiis -pa "NetFrameworkConfigurationKey" "<MYUSER>" to give <MYUSER> the necessary access.



Answer 2:

I had the same issue, took me a while to find out the fix - uninstalling Web Deploy (via Add/Remove Programs) and installing again (via Web Platform Installer) did the trick.

To make it easier for others to read actual errors - they are recorded in System Event Logs, you need to navigate down the tree and expand applications and down to Web Deploy.



Answer 3:

I got the same issue due to having nested web.config files.

This appears to be a bug in the EncryptWebConfig rule.

You can work around this issue if you can manage with just a root web.config.



Answer 4:

Installing Web Deploy 3.6 on the server from the Web Platform Installer fixed my problem.
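
A way to confirm after a deployment whether -EnableRule:EncryptWebConfig actually protected the connectionStrings section, and to list the nested web.config files that the third answer points to as a cause. This is an added example, not part of the original thread; the sample documents and function names are constructed for illustration, and it assumes the standard ASP.NET protected-configuration layout (a configProtectionProvider attribute with an EncryptedData child).

```python
import os
import xml.etree.ElementTree as ET

# Constructed samples (not from the original thread); the cipher text is a placeholder.
ENCRYPTED = """<configuration>
  <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#">
      <CipherData><CipherValue>PLACEHOLDER</CipherValue></CipherData>
    </EncryptedData>
  </connectionStrings>
</configuration>"""
PLAINTEXT = """<configuration>
  <connectionStrings>
    <add name="Db" connectionString="Server=db;Database=app;User Id=u;Password=example" />
  </connectionStrings>
</configuration>"""

def local(tag):
    """Strip an XML namespace so lookups work with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def connection_strings_state(xml_data):
    """Return 'encrypted', 'plaintext', 'absent' or 'unparseable' for one file."""
    try:
        root = ET.fromstring(xml_data)
    except ET.ParseError:
        return "unparseable"
    for section in (s for s in root if local(s.tag) == "connectionStrings"):
        if "configProtectionProvider" in section.attrib and any(
                local(c.tag) == "EncryptedData" for c in section):
            return "encrypted"
        if any(local(c.tag) == "add" and "connectionString" in c.attrib for c in section):
            return "plaintext"
    return "absent"

def audit_site(site_root):
    """Map every web.config under site_root (relative path) to its state."""
    report = {}
    for dirpath, _dirs, files in os.walk(site_root):
        for name in files:
            if name.lower() == "web.config":
                path = os.path.join(dirpath, name)
                with open(path, "rb") as fh:  # bytes: the parser handles BOM/encoding
                    report[os.path.relpath(path, site_root)] = connection_strings_state(fh.read())
    return report

def nested_configs(report):
    """web.config files below the site root, the case the third answer describes."""
    return sorted(path for path in report if os.path.dirname(path))
```

Run `audit_site` against the deployed site directory; any entry reported as "plaintext" still holds readable connection strings on disk.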