mono-configuration-crypto man page
mono-configuration-crypto, — Mono configuration utility to manage encryption keys and encrypt/decrypt config file sections
mono-configuration-crypto is a utility to manage mono encryption key container store and to encrypt/decrypt config file sections.
- -h, -?, --help
- Show usage information
- -v, --verbose
- Show verbose information (including exception stacktraces)
- -m, --machine, --global
- Use machine (global) store for all the key actions. Note that on Unix machines global store is located in /usr/share/.mono and modifying it requires root user permissions.
- -u, --user, --local
- Use local (user) store for all the key actions. User key store is located in the $HOME/.config/.mono directory. This is the default location used by mono-configuration-crypto.
- -l, --list
- List all the key container names in the store. Note that some container names might be just GUID strings.
- -c, --create
- Creates an RSA public/private key pair. If the specified container (see the -f option) already exists, the operation will fail.
- -i, --import
- Imports key to a container. Imports a key from file (specified by the -f option) and puts it as the first key in the specified container (see the -n option). If container exists, its first key is replaced. If container doesn't exist, it is created. No validation is performed on the key value - this is left to the protection provider or encryption code which uses the key.
- -x, --export
- Exports key from a container. Exports a key from indicated container (see the -n option) and puts it in the specified file (see the -f option) as XML. The file can later be used to import the key.
- -r, --remove
- Remove a container. Physically removes the container file from disk.
- -f, --file=VALUE
- File name for import or export operations. All options which read or write anything to/from files require this option to be present on the command line.
- -cf, --config-file=VALUE
- Config file name. Specifies base name of the config file, used in encrypt and decrypt operations. Files are sought for case-insensitively. Defaults to Web.config
- -n, --name=VALUE
- Container name. If this option is absent from the command line it defaults to MonoFrameworkConfigurationKey (the default key name used by System.Configuration section encryption/decryption code)
- -s, --size=VALUE
- Key size. Specifies the key length for the create operation (see the -c option). Defaults to 1024.
- -p, --path=VALUE
- Application physical path. Used when encrypting/decrypting configuration file sections to specify the directory in which the configuration file lives (see the -cf option). Defaults to current directory.
- -d, --dec, --decrypt=VALUE
- Decrypt configuration section. Configuration section must follow the format used when calling ConfigurationManager.GetSection, i.e.: path/to/section. Only sections known to the configuration system will be processed.
- -e, --enc, --encrypt=VALUE
- Encrypt configuration section. Configuration section must follow the format used when calling ConfigurationManager.GetSection, i.e.: path/to/section. Only sections known to the configuration system will be processed.