how to encrypt web.config file

[adugenet]

1-This might be a simple question but I do not know what to do here. I am trying to encrypt my web.config file connection string and I go this code..Do I just need to replace "/MyApplication" with one of my aspx pages like if I have yosef.aspx then I should replace it with that or do i have to do some thing else

2-So, if I use on of my aspx page to replace it, will my web.config file will be encrypted?

For example, the following command encrypts the <connectionStrings> section of the Web.config file for an application named MyApplication.

aspnet_regiis -pe "connectionStrings" -app "/MyApplication"

 

[TipGiver]

Its probably the late time because i didnt much understood this with the page and if you replace it or..

Anyway: A common task is to encrypt some sections of the web.config. In your site, you may have many web.config files. You specify the connection strings, app settings and other things in the one that is on the root. The other web.configs in other folders just grant or deny access (forms authentication for example with roles).

Here is how to en/decrypt with code:

http://aspnet.4guysfromrolla.com/articles/021506-1.aspx

* It will affect the web.config on the root.

 

[adugenet]

thank you TipGiver for your response I read the article you and It was very help full. I have a few unclear question;I have a question about encrypting connection strings in an asp.net 2.0 app in a shared hosting environment
If I encrypt it with aspnet_regiis on my local machine, how do I copy the encrypted code on the production (shared hosting server)?

I just only want to encryp the connection stirng for my apps without interfering the other web.config file for other applicaion on the host server.thanks a bunch.

 

[adugenet]

I am working from my local machine and I am managed to encrypt the connection string on my local machine and I am just wondering if I could run this on the server to encrypt my connection string. any help would be appreciated


Imports system.web.Configuration
Partial Class encrypt
Inherits System.Web.UI.Page
Protected Sub Encrytpconfig(ByVal bEncrypt As Boolean)
'c:\WebSites\estimating
Dim path = "/estimating"
Dim config As Configuration = WebConfigurationManager.OpenWebConfiguration(path)
Dim appSetting As ConfigurationSection = config.GetSection("connectionStrings")
If bEncrypt Then
appSetting.SectionInformation.ProtectSection("DataProtectionConfigurationProvider")
Else
appSetting.SectionInformation.UnprotectSection()
End If
config.Save()
End Sub
Protected Sub Button2_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button2.Click
Encrytpconfig(True)
End Sub
End Class

 

[ca8msm]

You could add the code you've written to the application start event. See here for an example.


____________________________________________________________
Mark,
[URL unfurl="true"]http://aspnetlibrary.com[/url]

Need help finding an answer? Try the Search Facility or read FAQ222-2244 on how to get better results.

 

[adugenet]

thank you Mark for the tip one more question though my application is shared hosting environment and I just want the web.config file that pertains to my application to be encrypted. I do not want to mess up somebody's web.config file.The code you provided it is only affect my web.config file.I really apperciate if you clarify this for me.

 

[ca8msm]

If you are in a shared hosting environment you shouldn't have access to anyone else's files anyway but either way, if you read the code in my example you'll see it references the web.config file based on the path of your global.asax file.


____________________________________________________________
Mark,
[URL unfurl="true"]http://aspnetlibrary.com[/url]

Need help finding an answer? Try the Search Facility or read FAQ222-2244 on how to get better results.

 

[adugenet]

Mark, I just did exactly like you mentioned on your code however, My connection string is still a plain text and not yet encrypted.Am I missing something here....sorry if I am asking a very simple question.