Encrypt connectionStrings section of web.config
Web.Config
<configuration>
<connectionStrings>
<add name="ConnString" connectionString="Data
Source=.\SQLEXPRESS;
AttachDbFilename=|DataDirectory|MyDatabase.mdf;Integrated
Security=True;User Instance=True" />
</connectionStrings>
</configuration>
The easiest way to encrypt the <connectionStrings> section is to use the aspnet_regiis command-line tool.
This tool is located in the following folder:
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
Executing the following command encrypts the <connectionStrings> section of a Web.Config file
located in a folder with the path c:\Websites\MyWebsite:
aspnet_regiis -pef connectionStrings "c:\Websites\MyWebsite"
The -pef option (Protect Encrypt Filepath) encrypts a particular configuration section located at a particular path.
You can decrypt a section with the -pdf option like this:
aspnet_regiis -pdf connectionStrings "c:\Websites\MyWebsite"
ASP.NET page can read the value of the connection string by using the <%$ ConnectionStrings:ConnString %> expression
http://nimishgarg.blogspot.com/2010/03/aspnet-encrypt-section-of-webconfig.html
Revision number 1, Thursday, March 11, 2010 8:51:40 PM by nimish_soft
This is not the most up to date version of this article. The most recent version can be found here.
You must Login to comment.
|
Thu, Mar 11, 2010 11:10 PM
by cnranasinghe
|
Sounds good. Can i use the connectionstring as a string variable in code behind after encrypted? or do i need to decrypt in code behind?
|
|
Sat, Mar 27, 2010 2:48 AM
by akhilrajau
|
There is no need to decrypt for using the encrypted session. If you want to edit then you want to decrypt... nice one
|
Revision #2
Wed, Aug 22, 2012 2:41 PM
by
|
Encrypt & Decrypt ConnectionString Section
Encrypt & Decrypt ConnectionString Section Sometimes we need to secure ConnectionString to prevent anyone can knows it. whatever your purpose from securing ConnectionString, there is a way to Encrypt and Decrypt ConnectionString by special codes as we
|