If we are using applications in our
internal servers with security then it’s ok. If we deploy our applications in
shared host environment then we have chance to arise security problems to avoid
these problems from asp.net 2.0 provided built in protected configuration model
functionality to encrypt or decrypt few sections of web.config file those are
The encrypting and decrypting of connection strings in web.config file will do by using aspnet_regiis.exe command line tool and code behind.
Before
encrypting the connectionString the web.config looks like this:RSAProtectedConfigurationProvider: This is default provider and uses the RSA public key
encryption algorithm to encrypt and decrypt data.DataProtectionConfgurationProvider: This provider uses windows data protection application
programming interface to encrypt and decrypt the data.The encrypting and decrypting of connection strings in web.config file will do by using aspnet_regiis.exe command line tool and code behind.
Steps to Encrypt your connectionStrings:
1) Go to All Programs>Microsoft Visual Studio 2012> Visual studio tools> Developer command prompt for VS2012.
2 2)
Right click on it and choose run as administrator.
3 3)
Type the following command in the prompt:
4)
And execute it your prompt you will see succeeded message
as follows:
1 5)
Now go and browse your web.config file which looks
something like this:
Here you may
doubt that “What if I want to use the connection string in cs file”. The .net framework automatically decrypts it.
Steps to Decrypt
connectionStrings:
1 1)
Go to All Programs>Microsoft Visual Studio 2012>
Visual studio tools> Developer command prompt for VS2012.
2 2)
Right click on it and choose run as administrator.
3 3)
Type the following command in the prompt:
1 5)
Now go and browse your web.config file which looks
something like this:
No comments:
Post a Comment