Improve company productivity with a Business Account.Sign Up

x
?
Solved

How to encrypt connection string?

Posted on 2009-05-05
21
Medium Priority
?
1,346 Views
Last Modified: 2012-05-06
I have a .net 3.5 winforms app and want to encrypt the connectionString.  I have renamed app.config to web.config so it can be used with aspnet_regiis.  I'm in the app root folder and running this command line:

C:\src\project1\myapp>aspnet_regiis -pef "connectionSrings" -app "myapp"

No matter how I change the command line, I always get the help output.  No errors.  The app doesn't have an IIS website and is a web application project.  Any suggestions?
0
Comment
Question by:brettr
  • 11
  • 9
21 Comments
 
LVL 18

Expert Comment

by:David Robitaille
ID: 24307665
try to put the local path of the website instead.
aspnet_regiis.exe -pef "connectionStrings" "C:\Inetpub\wwwroot\MySite"
 
here a ref:
http://www.4guysfromrolla.com/articles/021506-1.aspx
0
 
LVL 18

Expert Comment

by:David Robitaille
ID: 24307687
<$/>you could also try to move into the %WINDOWSDIR%\Microsoft.Net\Framework\version directory before running the command.
0
 
LVL 14

Assisted Solution

by:shahprabal
shahprabal earned 800 total points
ID: 24308170
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 

Author Comment

by:brettr
ID: 24308298
Last suggestion worked.  It output a larger amount of help at first until I got the command line correct.  I'm guessing it's a newer version of aspnet_iisreg.exe.

This section created by the encryption is giving errors:

  <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"

//Error 1
The 'configProtectionProvider' attribute is not declared

//Error 2
The element 'connectionStrings' has invalid child element 'EncryptedData' in namespace 'http://www.w3.org/2001/04/xmlenc#'. List of possible elements expected: 'add, remove, clear'.

Do you know about those?  App seems to run ok.
0
 
LVL 18

Expert Comment

by:David Robitaille
ID: 24308403
try to add this at the end of the command, it will uses DPAPI to encrypt and decrypt data instead of RSA
 prov "DataProtectionConfigurationProvider"

(you may have to restore your backup before doing it)
0
 
LVL 18

Expert Comment

by:David Robitaille
ID: 24308414
the switch char seem to be replaced, "" = "-"
it`s
-prov "DataProtectionConfigurationProvider"

0
 

Author Comment

by:brettr
ID: 24309448
Same problem just that now it looks like this:

 <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
    <EncryptedData>
 ...
0
 
LVL 18

Accepted Solution

by:
David Robitaille earned 1200 total points
ID: 24309551
"This section created by the encryption is giving errors"

What program is giving those errors?

0
 

Author Comment

by:brettr
ID: 24310076
Adding this makes the errors go away:

<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
0
 

Author Comment

by:brettr
ID: 24310133
Unfortunately, that namespace also prevents my app from running.
0
 
LVL 18

Expert Comment

by:David Robitaille
ID: 24310493
???
What error message did you get?

did you run the aspnet_regiis.exe on the IIS Server. the encryption key is diferent than the one on your developement machine.
0
 

Author Comment

by:brettr
ID: 24311127
It complained that the app's configuration was invalid and to reinstall the app.
0
 
LVL 18

Expert Comment

by:David Robitaille
ID: 24313313
Who complained? ISS? visual studio?
0
 

Author Comment

by:brettr
ID: 24318239
I'm running the app in VS.NET.  I get the same error when double clicking the EXE.  It says the application configuration is incorrect.
0
 
LVL 18

Expert Comment

by:David Robitaille
ID: 24318357
???????????
How do you get an EXE from web application? And what are you doing with it?
Anyway this web.config encryption thing is supposed to work when you want to "deploy" a web application to a web server (usually IIS). the machine that will execute the program (the IIS server) must be the same that the one you used to encrypt the Web.config.
There must be something i dont understand about your setup, because i got no idea of what you are trying to do...
0
 

Author Comment

by:brettr
ID: 24319191
It is a winform app.  But that doesn't matter.  The point is that VS.NET complains about those particular attributes.

Yes - I found it that the machine which encyrpts the config needs to decrypt.  Not helpful.  How can you deploy this to other machines?
0
 
LVL 18

Expert Comment

by:David Robitaille
ID: 24319363
you cannot.
That thing is designed for ASP.NET web site not Winform app. You posted the question in "NET, C# Programming Language, Programming for ASP.NET" zones. dont you noticed the tool name is aspnet_regIIS???
but, now i understand the alusion about the app.config.
I think this link will be more helpfull
http://msdn.microsoft.com/en-us/library/ms998283.aspx 
 
0
 

Author Comment

by:brettr
ID: 24320444
I posted here because there is no such tool for winforms and using aspnet_regiis is the defacto standard to encrypt app.config files as well.
0
 
LVL 18

Expert Comment

by:David Robitaille
ID: 24325025
sorry, i keep the wrong link
http://www.codeproject.com/KB/cs/Configuration_File.aspx
if that cannot hlep, I sorry, but i connot help you futher, i diden`t do anything like this, my experience is of web.config and web app. I suggest you post a new question like
"How to encrypt connection string in app.config"
 
0
 

Author Comment

by:brettr
ID: 24325427
Thanks on the links you've been posting.  The programatic technique won't work since it has to encrypt/decrypt with each app run.  I only encrypt on app install.

Your help set me in the right direction.  I leave the app.config unencrypted in SVN.  During the win app MSI is install, it runs a batch file that renames app.config to web.config, encrypts it as above and renames it back to app.config.  viola!  It works fine.
0
 
LVL 18

Expert Comment

by:David Robitaille
ID: 24325595
I`m glad i gould help!
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
Simulator games are perfect for generating sample realistic data streams, especially for learning data analysis. It is even useful for demoing offerings such as Azure stream analytics, PowerBI etc.
When you have multiple client accounts to manage, it often feels like there aren’t enough hours in the day. With too many applications to juggle, you can’t focus on your clients, much less your growing to-do list. But that doesn’t have to be the cas…
Watch the video to know the process of migration of Exchange or Office 365 mailboxes in absence of MS Outlook. It is an eminent tool which can easily migrate Public, Archive user mailboxes from one another Exchange server and Office 365. Kernel Migr…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question