Skip to main content

*** Archive *** Kofax TotalAgility - Encrypting and Decrypting the KTA web.config

Article # 3024630 - Page views: 214

Applies To

  • TotalAgility 7.6
  • TotalAgility 7.7
  • TotalAgility 7.8


The goal here is to encrypt the connection strings in the KTA web.config.

Note: These steps don't work for the executable configuration files.  For instructions on how to do this, see article here 


Start by backing up the existing web.config.

Add the below section to the web.config just above the </configuration> closing tag.

        <add name="RSAProvider" type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" keyContainerName="CPUServerKeys" useMachineContainer="true" />

Run command prompt as an administrator and change the location to the .NET framework directory using the below command

cd \WINDOWS\Microsoft.Net\Framework\v4.0.*

Finally, run the below command.  This will encrypt the appSettings section of the web.config that holds the connection strings

aspnet_regiis -pe "appSettings" -app "/TotalAgility" -prov "RSAProvider"

To decrypt the appSettings section, the below command can be used.

aspnet_regiis -pd "appSettings" -app "/TotalAgility"