asked on

Encrypt connectionString in web.config

Hi!

I want to encrypt the connectionString settings in web.config.

I read that I'm able to use:

aspnet_regiis.exe -pdf “connectionStrings” C:\Projects\DemoApplication

Open in new window

But I have some questions:

My website is in my file system now, but I'll publish it later. It's ok to encrypt this way (above)?

My website works with typed DataSet to access SQL Server. Encrypting the connectionString will change any thing?

When I need to use the connectionString, may I use just:

string conn = ConfigurationManager.ConnectionStrings["SQL"].ConnectionString;

Open in new window

to get the connectionString? (The ASP.net will decrypt it automatically, right?)

Thanks in advance!

SOLUTION

Carl Tawn

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER CERTIFIED SOLUTION

greatsubash

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Member_2_2459312

Also, the correct parameter to encrypt is -pef, the -pdf will decrypt previously encrypted connection strings, allowing you to edit them.

burakiewicz

Im not it will work if you encrypt on one machine and publish it out to a different machine

calypsoworld

ASKER

> burakiewicz
I'm developing in my computer to publish to an IIS located on another computer.

If I can't decrypt in these conditions, how can I do that?

Thanks!

SOLUTION

burakiewicz

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial