Monday, February 25, 2008

Encryption connectionstring .NET Framework 2.0 using Tool

Configuration File Encryption

In the .NET Framework 2.0, developers will be able to encrypt sensitive parts of the web.config file (if containing password or keys, for instance) using the aspnet_regiis utility. The decryption is done transparently.

The DPAPI protected configuration provider supports machine-level and user-level stores for key storage. The choice of store depends largely on whether or not the application shares state with other applications and whether or not sensitive data must be kept private for each application.

If the application is deployed in the Web farm scenario, developers should use RSAProtectedConfigurationProvider to leverage the ease with which RSA keys can be exported on multiple systems. It uses RSA public key cryptography to provide data confidentiality.


The following example encrypts the connection string section using the tool aspnet_regiis:

try out this...

aspnet_regiis.exe -pef "connectionStrings" C:\VirtualDirectory\Path