BobSacks
asked on
ASP.NET - encrypt web.config - shared hosting
I'm trying to encrypt the connection strings in my web.config. ASP.NET 2.0, VB.NET ... Googling, I find two methods. I'm using shared hosting (Brinkster), so I have no access to IIS. The other method involves some simple code, but apparently requires wriiting to the code folder, which the hosting company understandably forbids for the aspnet_user .
So, what am I missing? Is there a way to do this in a shared hosting environment?
So, what am I missing? Is there a way to do this in a shared hosting environment?
ASKER
I guess I don't fully understand how all this works. I can encrypt the connection string at page load on my development machine and everything works - as long as I am running the code on the development machine. I thought it stored an encryption key somewhere on the machine that is runnng the code. That code fails on the web host - apparently because I don't have rights to create that key.
So, if I put a web.config that has been encrypted on my development machine on the server - it cannot be unencrypted there, because the key isn't there???? I did try that and it doesn't work.
This must be a common problem, but I can't figure out how to get around it.
So, if I put a web.config that has been encrypted on my development machine on the server - it cannot be unencrypted there, because the key isn't there???? I did try that and it doesn't work.
This must be a common problem, but I can't figure out how to get around it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
for each user at the time of login get encrypted conection string and save in applicaion state or session for that specific user. and keep it using ?