I'm trying to protect the connectionStrings in my app.config.
When the config has the connectionStrings unprotected, at the start I'm using this code to protect it:
try
{
Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
ConnectionStringsSection connSection = config.GetSection("connectionStrings") as ConnectionStringsSection;
if (connSection != null)
{
if (!connSection.SectionInformation.IsProtected)
{
connSection.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
}
else
{
connSection.SectionInformation.UnprotectSection();
}
}
config.Save(ConfigurationSaveMode.Modified, true);
}
catch (Exception ex)
{
...
}
Testing it in my own computer, works perfectly.
The problem comes when I execute the program in other computer (and the app.config was protected in mine). But if i paste the app.config unprotected (in the other computer), when the app is executed, protects it and after this it works normally.
I got the code in the microsoft doc: https://learn.microsoft.com/en-us/dotnet/framework/data/adonet/connection-strings-and-configuration-files
When there's a note saying:
The connection string can only be decrypted on the computer on which it was encrypted.
Obviously I don't want to have to distribute the .config unprotected.
How can I protect it on my computer and still have it work on other ones?
