tags:

views:

474

answers:

1
Q: 

Need Encrypted connection string and stmp information in the web.config

I want to keep encrypted connection string and stmp information in the web.config.

can I store Connection String and SMTP information in web.config encrypted and where I need just decrypted and use?

OR

What is the point/event where i can encrypt the Connection String and SMTP and save in the web.config? (and if the changes happen in web.config in that, is existing session expired?)

What is the best solution?

Thanks

+1  A: 

It's easy to do with aspnet_regiis.exe- look at the pe/pd/pef and pdf options. You can also do it programmatically. It works by encrypting a specific configuration section. In your case that is the connectionStrings and smtp sections.

You can use either DPAPI or RSA and you can encrypt on either a machine wide basis or on a specific user account.

RichardOD  2009-08-24 08:08:59
I am using this code when chaning using programmatically, but getting error, I am on development environment
Muhammad Akhtar  2009-08-24 11:21:17
public void ProtectSection() { System.Configuration.Configuration config = ConfigurationManager.OpenExeConfiguration(Server.MapPath("~/Web.config")); ConfigurationSection section = config.GetSection("connectionStrings"); section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider"); section.SectionInformation.ForceSave = true; config.Save(ConfigurationSaveMode.Full); }
Muhammad Akhtar  2009-08-24 11:22:44
can you plz check what is the issue, I shall be gratefull to ur effort
Muhammad Akhtar  2009-08-24 11:23:17
What is the error you are getting? As a side issue if you are doing this inside your Web app, you should look into WebConfigurationManager.OpenWebConfiguration http://msdn.microsoft.com/en-us/library/ms151456.aspx
RichardOD  2009-08-24 11:51:05
I am getting this error. An error occurred executing the configuration section handler for connectionStrings.
Muhammad Akhtar  2009-08-24 12:18:35
OK- and what's the InnerException?
RichardOD  2009-08-24 12:23:53
Failed to encrypt the section 'connectionStrings' using provider 'RsaProtectedConfigurationProvider'. Error message from the provider: Object already exists.\r\n
Muhammad Akhtar  2009-08-25 09:02:19
I am trying to implementing using http://msdn.microsoft.com/en-us/library/ms998283.aspx
Muhammad Akhtar  2009-08-26 11:31:29
when I run this command aspnet_regiis -pe "connectionStrings" -app "/WebFarmRSA" -prov "CustomProvider" I am getting this error message "The Configuration for virtual path '/ConStringEncrypt' and site 'Default Web Site' cannot be opened"
Muhammad Akhtar  2009-08-26 11:33:28
other than this command i am not getting any error, Plz help...... I am in trouble from last 2 days. Thanks
Muhammad Akhtar  2009-08-26 11:34:04

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps