How to Generate Encryption Keys for an ASP.NET Application

The runtime requires encryption keys to manage sensitive data. This topic provides guidance on how to use Microsoft Windows PowerShell as an alternative to using the Profile Key Manager command line interface to generate new encryption keys.

For detailed information about using the key generation process and the Profile Key Manager tool, see Preparing to Use the Profile Key Manager.

Following is a sample Windows PowerShell script that generates new keys for a site named StoreFrontSite. The generated keys are then added to the registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CommerceServer\9.0 Keys\StoreFrontSite.

$CommerceServerSiteName = "StoreFrontSite"
$ProfileKeymanagerPath = "C:\Program Files (x86)\Microsoft Commerce Server 9.0\Tools\ProfileKeyManager.exe"
$KeyFileName = $CommerceServerSiteName + ".key"
[Diagnostics.Process]::Start($ProfileKeymanagerPath, " /kn /o " + $KeyFileName)
$regPath = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CommerceServer\9.0 Keys\" + $CommerceServerSiteName
[Diagnostics.Process]::Start($ProfileKeymanagerPath, " /ke /f /kf .\" + $KeyFileName + " /reg """ + $regPath + """")