Solved

I need help connecting to my DB, securely, from my VB.Net application

Posted on 2016-10-27
5
31 Views
Last Modified: 2016-11-18
Hi Experts,
I just got a request asking me to remove, or encrypt the connection string information from my VB.Net WinForm applications.

A suggestion was to store the connection string in the database and retrieve it somehow.  How would I connect to the sql server database to retrieve my connection string if I don't have my credentials in my Vb.Net application?  How can this be accomplished?

Thanks in advance for your help,
mrotor
0
Comment
Question by:mainrotor
  • 2
  • 2
5 Comments
 
LVL 69

Accepted Solution

by:
Éric Moreau earned 250 total points (awarded by participants)
ID: 41862865
0
 
LVL 21

Assisted Solution

by:Tapan Pattanaik
Tapan Pattanaik earned 250 total points (awarded by participants)
ID: 41862895
Hi mainrotor,

You can encrypt the connection string by following steps.

1. Open Command Prompt with "Run as administrator "
2. At the Command Prompt, enter: ( For .NET framework 4.0)

    cd C:\Windows\Microsoft.NET\Framework\v4.0.30319

In case your web Config is located in "D:\Project\EncryptWebConfig" directory path, then enter the following to encrypt the ConnectionString:

ASPNET_REGIIS -pef "connectionStrings" "D:\Project\EncryptWebConfig"

Use Aspnet_regiis.exe tool with the –pef option and specify the application path as shown above.

Similar  you can Decrypting the Connection String:

ASPNET_REGIIS -pdf "connectionStrings" "D:\Project\EncryptWebConfig"

For moredetails please check the below URL:

http://www.codeproject.com/Tips/795135/Encrypt-ConnectionString-in-Web-Config

Regards,
Tapan Pattanaik
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 41865572
nopoints:
@tapan: he is using a windows forms application not a web application therefor no web.config. ErgoÉric Moreau's suggestion of using app.config is correct
1
 
LVL 21

Expert Comment

by:Tapan Pattanaik
ID: 41865671
Hi David, You are correct. Thanks for the suggestion.

Hi  mainrotor,

The suggesting I have mentioned above having ID: 41862895 needs to be slightly changed. You have to temporarily rename the App.Config file to Web.Config for performing the above steps which I have mention having ID: 41862895.

Note: The aspnet_regiis.exe Command Line Utility of the Visual Studio does not recognize for App.Config files and hence we need to temporarily rename the App.Config file to Web.Config.

For more details Please check the below links:

http://www.aspsnippets.com/Articles/Encrypt-and-Decrypt-Connection-String-in-AppConfig-file.aspx
0
 
LVL 69

Expert Comment

by:Éric Moreau
ID: 41892672
both good but mine requires less manipulations
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IIS Server infected with Ransomware - Postmortem investigation 12 133
DataGridView Events ? 3 37
opensource email gateway 9 59
Knowb4 Compliance Manager vs Tripwire 2 60
Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now