How to Encrypt and Decrypt a web.config file

How Can We Help?

< Back

Debugging applications such as the Subscription Manager may require you to decrypt a web.config file to be able to view the settings in the “xmpro” section of the file.

Tip: XMPro applications generally keep settings in the web.config file in their own section, called “xmpro”. These settings will often be the only settings that are encrypted. To encrypt or decrypt a section in the web.config, follow the steps below:

  1. Open the web.config file with Notepad or Notepad++ (Administrator mode) and comment out the following section:
    a. <section name=”xmpro” type=”XMPro.Configuration.Configuration, XMPro.Configuration” />
  2. Search for “cmd” in the Start menu.
  3. Right click on “Command Prompt” and select the “Run as administrator” option.
  4. Navigate to the location of the ASP.NET IIS Registration Tool (Asp.net_regiis.exe). To find the location of the version of this tool you should use, use the link below.
  5. Use the following command to decrypt the “xmpro” section: “aspnet_regiis -pd “xmpro” -app “/{application_virtual_directory_name}
    a. For example, “aspnet_regiis -pd “xmpro” -app /subscriptionmanager”,
  6. Uncomment the section you’ve commented out in step 1.
  7. To encrypt the file again, repeat step 1, and use the following command to encrypt the “xmpro” section: “aspnet_regiis -pe “xmpro” -app “/SampleApplication” -prov “RsaProtectedConfigurationProvider””


Comments are closed.

This is the legacy version of the XMPro Documentation site. For the latest XMPro documentation, please visit