Thursday, July 30, 2015

Encryption of web.config file

There are two ways to encrypt your web.config sections.

1. Using VS.NET utility "aspnet_regiis"
 
    Ex.

    C:\Windows\Microsoft.NET\Framework\v2.0.50727 aspnet_regiis -pef "appSettings" "D:\project\PP_Publish" -prov RSAProtectedConfigurationProvider

   Follow the URL for more info.

   http://blogs.msdn.com/b/mosharaf/archive/2005/11/17/protectedconfiguration.aspx
 
  http://www.codeproject.com/Articles/877258/How-to-Encrypt-Web-config-Using-aspnet-regiis-exe

2. Programmatically encrypt your web.config file

   ///////////////////////// To Encrypt /////////////////////////
Configuration config;
ConfigurationSection configSection;
config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
configSection = config.GetSection("connectionStrings");
if (configSection != null)
{
if (!(configSection.SectionInformation.IsLocked))
{
configSection.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
config.Save();
}
}



///////////////////////// To Decrypt /////////////////////////

Configuration configD;
ConfigurationSection configSectionD;
configD = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
configSectionD = configD.GetSection("connectionStrings");
if (configSectionD != null)
{
if (!(configSectionD.SectionInformation.IsLocked))
{
configSectionD.SectionInformation.UnprotectSection();
configD.Save();
}
}

For more info, follow the below URL

http://www.techrepublic.com/blog/software-engineer/encrypting-net-configuration-files-through-code/

Thanks
Anil
  

No comments:

Post a Comment