It is possible to encrypt the <connectionStrings> section in the web.config file, and deploy it to a web server? On the web server I cannot execute .exe files because it is a public web server (pay monthly).
Asked
Active
Viewed 603 times
-1
Daniel Gray
- 1,697
- 1
- 21
- 41
Joel
- 65
- 1
- 10
1 Answers
0
Two options that I see are:
If you have no choice, then you could try to encrypt the connection string values when storing them and then decrypt them when retrieving them (you would need additional cryptographic code to do this, related info in this question)
If you are somehow able to execute commands (from the command prompt) on the server, then follow the steps outlined in this article to encrypt the file (on your PC):
Open command prompt with Adminstrator rights.
Change folders:
cd C:\Windows\Microsoft.NET\Framework\v4.0.30319Encrypt the web config file:
ASPNET_REGIIS -pef "connectionStrings" "C:\path/to/webConfig"You will be able to directly access the decrypted value via the
ConfigurationManager:string ConnString = ConfigurationManager.ConnectionStrings[1].ToString();You must execute the command on the server, as if you move the
Web.configto another machine, the file will be impossible to decrypt, since the keys are stored within the server itself.
Community
- 1
- 1
Daniel Gray
- 1,697
- 1
- 21
- 41