转载原地址: https://chiragrdarji.wordpress.com/2008/08/11/how-to-encrypt-connection-string-in-webconfig/

The most sensitive information stored in web.config file can be the connection string. You do not want to disclose the information related to your database to all the users where the application is deployed. Every time it is not possible to have a private machine for your sites, you may need to deploy the site in shared host environment. To encrypt the connection string in above situation is advisable.

ASP.NET 2.0 provides in built functionality to encrypt few sections of web.config file. The task can be completed using Aspnet_regiis.exe. Below is the web.config file and <connectionStrings> section.

  : <connectionStrings>

   :   <add name="cn1"

   :           connectionString="Server=DB SERVER;

   :                             database=TestDatabase;

   :                             uid=UID;

   :                             pwd=PWD;" />

   :  </connectionStrings>

Fig – (1) Connection string section of web.config file

To encrypt the connection string section follow the steps,

1. Go to Start -> Programm Files -> Microsoft Visual Studio 2005 -> Visual Tools
    -> Microsoft Visual Studio 2005 Command Prompt

2. Type following command,

aspnet_regiis.exe -pef “connectionStrings” C:\Projects\DemoApplication

-pef indicates that the application is built as File System website.  The second argument is the name of configuration section needs to be encrypted. Third argument is the physical path where the web.config file is located.

If you are using IIS base web site the command will be,

   aspnet_regiis.exe -pe “connectionStrings” -app “/DemoApplication”

 -pe indicates that the application is built as IIS based site. The second argument is the name of configuration section needs to be encrypted. Third argument “-app” indicates virtual directory and last argument is the name of virtual directory where application is deployed.

If everything goes well you will receive a message “Encrypting configuration section…Succeeded!”

Open your web.config file and you can see that connection string is encrypted,

 : <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">

   :   <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"

   :    xmlns="http://www.w3.org/2001/04/xmlenc#">

   :    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />

   :    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">

   :     <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">

   :      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />

   :      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">

   :       <KeyName>Rsa Key</KeyName>

  :      </KeyInfo>

  :      <CipherData>

  :       <CipherValue>Ik+l105qm6WIIQgS9LsnF8RRxQtj2ChEwq7DbHapb440GynFEoGF6Y3EM3Iw/lyDV8+P8bIsketi5Ofy9gpZlCBir7n315Q6RPbdclUo79o/LKadhX4jHFpnSIQNIF/LhwjwkLFC0=</CipherValue>

  :      </CipherData>

  :     </EncryptedKey>

  :    </KeyInfo>

  :    <CipherData>

  :     <CipherValue>JsLrQ5S8Pq3U72nQzmSl/XlLX72GM0O3EbPLaHRNvjTDgG9seDflGMjTfO10M1s7/mPh//3MhA7pr0dNHUJ143Svhu5YXODRC6z9CkR0uyE4H7uDvTKJ8eR3m9APhXoo1sT1K3tCLHD6a2BM+gqSk9d8PzCfbM8Gmzmpjz1ElIaxu62b4cg9SNxp8o86O9N3fBl2mq</CipherValue>

  :    </CipherData>

  :   </EncryptedData>

  :  </connectionStrings>

Fig – (2) Encrypted connection string section

You do not have to write any code to decrypt this connection string in your application, dotnet automatically decrypts it. So if you write following code you can see plaintext connection string.

 Response.Write(ConfigurationManager.ConnectionStrings["cn1"].ConnectionString);

Now to decrypt the configuration section in web.config file use following command,

For File System Application,

aspnet_regiis.exe -pdf “connectionStrings” C:\Projects\DemoApplication

For IIS based Application

aspnet_regiis.exe -pd “connectionStrings” -app “/DemoApplication”

If you want to encrypt any nested section in web.config file like <pages> element within <system.web> you need to write full section name as shown below,

aspnet_regiis.exe -pef “system.web/Pages” C:\Projects\DemoApplication

You can encrypt all the sections of web.config file except following using the method I displayed in this article,

<processModel>
<runtime>
<mscorlib>
<startup>
<system.runtime.remoting>
<configProtectedData>
<satelliteassemblies>
<cryptographySettings>
<cryptoNameMapping>
<cryptoClasses>

To encrypt these section you needed to use Aspnet_setreg.exe tool.  For more detail about Aspnet_setreg.exe tool search Microsoft Knowledge Base article 329290, How to use the ASP.NET utility to encrypt credentials and session state connection strings.

转载 How to Encrypt connection string in web.config的更多相关文章

  1. 【转】Encrypt ConnectionString in Web.Config 【加密ASP.NET web.config数据库链接字串】

    原文链接:https://www.codeproject.com/Tips/795135/Encrypt-ConnectionString-in-Web-Config web.config中一般会存放 ...

  2. 使用Web.Config Transformation配置灵活的配置文件

    发布Asp.net程序的时候,开发环境和发布环境的Web.Config往往不同,比如connectionstring等.如果常常有发布的需求,就需要常常修改web.config文件,这往往是一件非常麻 ...

  3. Web.Config Transformation配置灵活的配置文件

    使用Web.Config Transformation配置灵活的配置文件 发布Asp.net程序的时候,开发环境和发布环境的Web.Config往往不同,比如connectionstring等.如果常 ...

  4. 关于Web.config的debug和release.config文件

    使用Web.Config Transformation配置灵活的配置文件 发布Asp.net程序的时候,开发环境和发布环境的Web.Config往往不同,比如connectionstring等.如果常 ...

  5. 如何用代码方式获取Web.config中system.serviceModel/client节点的address

    以下代码GetAPIAddress将返回:http://localhost:2555/APITEST.asmx using System.Web.Configuration;using System. ...

  6. MVC: Connection String

    背景: 之前项目使用的是DB first/Model first,现在要对EF升级的6.0,并且更换成Code first. 问题: 1. System.Data.Entity.Core.Metada ...

  7. ASP.NET MVC 5 - 创建连接字符串(Connection String)并使用SQL Server LocalDB

    您创建的MovieDBContext类负责处理连接到数据库,并将Movie对象映射到数据库记录的任务中.你可能会问一个问题,如何指定它将连接到数据库? 实际上,确实没有指定要使用的数据库,Entity ...

  8. No connection string named '***' could be found in the application config file

    Code-First时更新数据库遇到妖孽问题“No connection string named '***' could be found in the application config fil ...

  9. EF 数据库连接约定(Connection String Conventions in Code First)

    一个典型的EF应用大多数情况下是一个DbContext的派生类(derived class)来控制,通常可以使用该派生类调用DbContext的构造函数,来控制以下的东西: (1).上下文如何连接到数 ...

随机推荐

  1. codeforces #309 div1 B

    题目啰里啰嗦说了一大堆(耐心读完题目就可以秒题了) 首先我们考虑当前置换的开头的循环节的开头 1.如果是1 1->1形成循环节 问题变成i-1的子问题 2.如果是2 1->2->1形 ...

  2. undefined与null的区别---js

    不错... http://www.ruanyifeng.com/blog/2014/03/undefined-vs-null.html

  3. Hibernate逍遥游记-第1章-JDBC访问数据库

    1. package mypack; import java.awt.*; import java.awt.event.*; import javax.swing.*; import javax.sw ...

  4. update多表陷阱

    今天同学发了个sql题目 A1表 B1表 id num id snum 1 10 1 90 2 2000 3 4000 3 30 B表的数据插入A表当中 最后的结果 A表 1 90 2 2000 3 ...

  5. 201. Bitwise AND of Numbers Range

    题目: Given a range [m, n] where 0 <= m <= n <= 2147483647, return the bitwise AND of all num ...

  6. world符号大全

    ■特殊符号:·⊙①⊕◎Θ⊙●○¤㊣㈱@の■□★☆◆◇◣◢ ◤◥▲△▼▽⊿◢ ▂ ▃ ▄ ▅ ▆ ▇ █ ▉ ▊▋▌▍▎▏■ ▓ 回 □ 〓≡↑↓→←↘↙♀♂┇┅|$ @ * & # ※ 卍 卐 ...

  7. 给TextView中的text上下左右添加一张图片

    1,在xml中配置使用,android:drawableLeft 等 其它的有:android:drawableTop,android:drawableBottom,android:drawableR ...

  8. JAVA-----乱码的处理 乱码的解决方法总结

    为什么说乱码是程序员无法避免的话题呢?这个首先要从编码机制上说起,大家都是中文和英文的编码格式不是一样,解码也是不一样的!工作遇到各种各样的乱码的解决方法总结一下. 对于Java由于默认的编码方式是 ...

  9. UML中关系图解

    转自http://blog.csdn.net/duran1986/article/details/5573415 最近在教软件工程项目实践,就又仔细了解了下UML中各种关系的意义,虽然有点简单,但是有 ...

  10. DB2系统管理试题标准答案

    1. 如果需要创建一个表,并把表中的索引数据和其他数据分开存储,则应该 A.建立两个SMS表空间分别存储索引数据和其他数据 B.建立两个DMS表空间分别存储索引数据和其他数据 C.建立一个DMS表空间 ...