public void EncryptConnectionString()
{
Configuration configuration = WebConfigurationManager .OpenWebConfiguration("~" );
ConfigurationSection configurationSection = configuration.GetSection("connectionstrings" );
if (configurationSection != null && !configurationSection.SectionInformation.IsLocked && !configurationSection.SectionInformation.IsProtected
&& !configurationSection.IsReadOnly())
{
configurationSection.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider" );
configurationSection.SectionInformation.ForceSave = true ;
configuration.Save(ConfigurationSaveMode .Full);
}
else
{
if (configurationSection != null )
{
configurationSection.SectionInformation.UnprotectSection();
configurationSection.SectionInformation.ForceSave = true ;
}
configuration.Save(ConfigurationSaveMode .Full);
}
}
Encryption and decryption is performed using the Windows Data Protection API (DPAPI). Because
DPAPI does not allow the exporting of keys, this provider should be used in situations where
the deployed solution is limited to a single server.
if you want to encrypt any section of configuration file in non- programmatic way. Doing this
means that the configuration section can be encrypted before use and then, as suggested
earlier, it is decrypted transparently at run time only for use by the server. This can all
be achieved at the command prompt using the Aspnet_regiis utility.
Keep, this in your mind ...> It should be noted that the encryption of configuration sections
can cause problems. If the section is encrypted using DataProtectionConfigurationProvider and
the config file is moved to a different machine, this new location cannot decrypt the value. With RSAProtectedConfigurationProvider, however, the key can be exported to a different machine along with the configuration file; this means decryption can take place using the same exported key.
Use the Highlighter
This website now has an AutoPublish widget:
