• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1749
  • Last Modified:

How to hide the database connection string in the web.config

I would like to encrypt the database connection string so our developers do not know what the password is to connect to our production database.
We have 3 environments. Dev, test and Prod.  Dev and Test I have no issues with the Developer seeing the username and passwords unencrypted in the web.config file.  But when moving to the production environment I would like to hide this information from the developer.  Do I do the following?

run
C:\Windows\Microsoft.NET\Framework\v2.0.50727>aspnet_regiis.exe -pe "connectionStrings" -prov "DataProtectionConfigurationProvider" -app "/"
Encrypting configuration section...
Succeeded!

and then copy the resulting results to the web.config?  Or is their another solution?
0
IandINSW
Asked:
IandINSW
1 Solution
 
käµfm³d 👽Commented:
I haven't confirmed the parameters of your command, but yes, you would use aspnet_regiis for this purpose.
0
 
BuggyCoderCommented:
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now