Encrypting Connection String in web.config

asp.net .net encryption web-config

How can we encrypt the connection string section in web.config file?


Solution 1:

Rahul, converting a string from ASCII to base64 string isn't an encryption, which is what your first link suggests. We can easily convert base64 to ASCII.

Using configsection.protectSection() with an RSA key is a proper encryption that is available for sections of the Web.config file.

Check this link: http://www.beansoftware.com/ASP.NET-Tutorials/Encrypting-Connection-String.aspx

Please note, that we can not encrypt Web.config file in a shared hosting environment where Trust level is set to medium trust.

Solution 2:

To save having to visit external links, in C:\Windows\Microsoft.NET\Framework\v4.0.30319 (for .NET 4 / 4.5)

aspnet_regiis.exe -pe "connectionStrings" -app "/YourWebSiteName" -prov "DataProtectionConfigurationProvider"

To decrypt connectionStrings section using this tool, you can specify following command in aspnet_iisreg.exe tool.

aspnet_regiis.exe -pd "connectionStrings" -app "/YouWebSiteName"

Solution 3:

use aspnet_regiis.exe http://msdn.microsoft.com/en-us/library/zhhddkxy.aspx

http://msdn.microsoft.com/en-us/library/system.configuration.sectioninformation.protectsection.aspx

Solution 4:

Run this in Command : aspnet_regiis.exe -pef "connectionStrings" "pathToWebConfig"

or , if you want this to run programatically you can create a Process :

            string fileName = @"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe";

            if (8 == IntPtr.Size
                || (!string.IsNullOrEmpty(Environment.GetEnvironmentVariable("PROCESSOR_ARCHITEW6432"))))
            fileName = @"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe";

            string arguments = $"-pef \"connectionStrings\" \"{application.Path}\"";

            using (Process process = new Process())
            {
                process.EnableRaisingEvents = true;
                process.StartInfo = new ProcessStartInfo
                {
                    FileName = exeName,
                    Arguments = arguments,
                    UseShellExecute = false,
                    RedirectStandardOutput = true,
                    RedirectStandardError = true,
                    CreateNoWindow = true
                };

                process.Start();
                processOutput.Output = process.StandardOutput.ReadToEnd();
                bool exited = process.WaitForExit(timeoutMilliseconds);
                if (exited)
                {
                    processOutput.ExitCode = process.ExitCode;
                }
            }

Related

Update a Value in One Column Based on Criteria in Other Columns
Template deduction for function based on its return type?
Flash video not displaying in WebView for Android 3.0.1
What does this "(function(){});", a function inside brackets, mean in javascript? [duplicate]
How to downsize std::vector?
Getting the current GMT world time
How can I open a website with urllib via proxy in Python?
Zebra LP2844 stopped responding to ZPL Commands or Files
Setup TLS for gRPC across kubernetes clusters
Are ! and not different in python? [duplicate]
Calling "select" on fd 0 requires <Enter> to fire
Error while executing groovy script