?
Solved

encrypt connection string

Posted on 2011-09-29
4
Medium Priority
?
375 Views
Last Modified: 2012-05-12
hi,

im encrypting my asp.net connection strings on my dev environment like so

var config = WebConfigurationManager.
                OpenWebConfiguration("~");

            var section =
                config.GetSection("connectionStrings")
                as ConnectionStringsSection;

                      section.SectionInformation.ProtectSection(
                    "RSAProtectedConfigurationProvider");
                     config.Save();

Open in new window


When i deploy this the encrypted web.config to Live environment do i need to export a key from my dev environment? Or should I just run the encryption routine it on live?

Also what key does "RSAProtectedConfigurationProvider" use to do the encryption and what will stop someone accessing that key when it goes live?

Thanks very much
0
Comment
Question by:MrKevorkian
  • 2
  • 2
4 Comments
 
LVL 75

Accepted Solution

by:
käµfm³d   👽 earned 2000 total points
ID: 36815226
When i deploy this the encrypted web.config to Live environment do i need to export a key from my dev environment? Or should I just run the encryption routine it on live?
Also what key does it use to do the encryption and what is to stop someone accessing that key when it goes live?
IIRC, the encryption algorithm uses the machine key to encrypt the data. The only thing you should need to do is to run the asp helper application, aspnet_regiis.exe on the target machine to initially encrypt the sections using that machine's key. You would not deploy the key from your development server.


Also what key does it use to do the encryption and what is to stop someone accessing that key when it goes live?
As I stated, it should be the machine key that's used, so if someone has found access to that, you've probably got bigger problems going on  = )
0
 
LVL 1

Author Comment

by:MrKevorkian
ID: 36815302
Thanks thats very useful.

So "RSAProtectedConfigurationProvider" uses IIRC?
0
 
LVL 75

Expert Comment

by:käµfm³d 👽
ID: 36815512
IIRC => "If I Recall Correctly"   = )
0
 
LVL 1

Author Comment

by:MrKevorkian
ID: 36815517
haha! thanks
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In real business world data are crucial and sometimes data are shared among different information systems. Hence, an agreeable file transfer protocol need to be established.
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Screencast - Getting to Know the Pipeline
Suggested Courses

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question