using System;
using System.Configuration;
using System.Web.Configuration;
public static class StringConnEncryption {
public static void Encrypt() {
//Encryption provider
string strProvider = "RSAProtectedConfigurationProvider";
Configuration oConfiguration = null;
ConnectionStringsSection oSection = null;
try {
oConfiguration = WebConfigurationManager.OpenWebConfiguration("~");
if (oConfiguration != null) {
bool bChanged = false;
oSection = oConfiguration.GetSection("connectionStrings") as ConnectionStringsSection;
if (oSection != null) {
if (!oSection.ElementInformation.IsLocked && !oSection.SectionInformation.IsLocked) {
if (!oSection.SectionInformation.IsProtected) {
bChanged = true;
oSection.SectionInformation.ProtectSection(strProvider);
}
}
}
if (bChanged) {
oSection.SectionInformation.ForceSave = true;
oConfiguration.Save();
}
}
} catch (Exception ex) {
throw (ex);
}
}
}
StringConnEncryption.Encrypt();
Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.
Comments (2)
Commented:
Functionally, the approach works, but I think for an enterprise scenario it would not be fruitful.
Author
Commented:And actually there's no maintenance to bear with this approach. You just have some code that encrypts on upload. You have nothing to change or activate/disactivate prior to the upload, I don't see why could it be a problem in a single multi-application enterprise server.