views:

362

answers:

2

I want to encrypt the connection strings in a web.config file in a shared hosting environment.

I have read most of the articles on MSDN on the subject (http://msdn.microsoft.com/en-us/library/53tyfkaw.aspx) and concluded that I need to use RSAProtectedConfigurationProvider so that I can export the config file with key container to our shared hosting provider. However, when I do this I get an error "The RSA key container could not be opened." I assume this is because I need to grant access to the aspnet account to the key container, but this is done using the aspnet_regiis tool which I can't use as I'm on a shared host.

So I tried programatically encrypting it on application start in the global.asax, but I get a permission error when saving the file - "An error occurred loading a configuration file: Access to the path 'C:\Inetpub\xxx\yyy\3acp98k.tmp' is denied. Shared hosting restriction, I assume.

I can't run the aspnet_regiis tool as its a shared hosting environment.

Does anyone have any ideas as to how I might encrypt the connection strings?

+1  A: 

You just need to make web.config writable. Shared hosts either give full access to the IIS user or give you some web-based tool, in you file manager maybe, to edit permissions. You don't need to run aspnet_regiis.

Parsa