转载原地址: https://chiragrdarji.wordpress.com/2008/08/11/how-to-encrypt-connection-string-in-webconfig/

The most sensitive information stored in web.config file can be the connection string. You do not want to disclose the information related to your database to all the users where the application is deployed. Every time it is not possible to have a private machine for your sites, you may need to deploy the site in shared host environment. To encrypt the connection string in above situation is advisable.

ASP.NET 2.0 provides in built functionality to encrypt few sections of web.config file. The task can be completed using Aspnet_regiis.exe. Below is the web.config file and <connectionStrings> section.

  : <connectionStrings>

   :   <add name="cn1"

   :           connectionString="Server=DB SERVER;

   :                             database=TestDatabase;

   :                             uid=UID;

   :                             pwd=PWD;" />

   :  </connectionStrings>

Fig – (1) Connection string section of web.config file

To encrypt the connection string section follow the steps,

1. Go to Start -> Programm Files -> Microsoft Visual Studio 2005 -> Visual Tools
    -> Microsoft Visual Studio 2005 Command Prompt

2. Type following command,

aspnet_regiis.exe -pef “connectionStrings” C:\Projects\DemoApplication

-pef indicates that the application is built as File System website.  The second argument is the name of configuration section needs to be encrypted. Third argument is the physical path where the web.config file is located.

If you are using IIS base web site the command will be,

   aspnet_regiis.exe -pe “connectionStrings” -app “/DemoApplication”

 -pe indicates that the application is built as IIS based site. The second argument is the name of configuration section needs to be encrypted. Third argument “-app” indicates virtual directory and last argument is the name of virtual directory where application is deployed.

If everything goes well you will receive a message “Encrypting configuration section…Succeeded!”

Open your web.config file and you can see that connection string is encrypted,

 : <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">

   :   <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"

   :    xmlns="http://www.w3.org/2001/04/xmlenc#">

   :    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />

   :    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">

   :     <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">

   :      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />

   :      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">

   :       <KeyName>Rsa Key</KeyName>

  :      </KeyInfo>

  :      <CipherData>

  :       <CipherValue>Ik+l105qm6WIIQgS9LsnF8RRxQtj2ChEwq7DbHapb440GynFEoGF6Y3EM3Iw/lyDV8+P8bIsketi5Ofy9gpZlCBir7n315Q6RPbdclUo79o/LKadhX4jHFpnSIQNIF/LhwjwkLFC0=</CipherValue>

  :      </CipherData>

  :     </EncryptedKey>

  :    </KeyInfo>

  :    <CipherData>

  :     <CipherValue>JsLrQ5S8Pq3U72nQzmSl/XlLX72GM0O3EbPLaHRNvjTDgG9seDflGMjTfO10M1s7/mPh//3MhA7pr0dNHUJ143Svhu5YXODRC6z9CkR0uyE4H7uDvTKJ8eR3m9APhXoo1sT1K3tCLHD6a2BM+gqSk9d8PzCfbM8Gmzmpjz1ElIaxu62b4cg9SNxp8o86O9N3fBl2mq</CipherValue>

  :    </CipherData>

  :   </EncryptedData>

  :  </connectionStrings>

Fig – (2) Encrypted connection string section

You do not have to write any code to decrypt this connection string in your application, dotnet automatically decrypts it. So if you write following code you can see plaintext connection string.

 Response.Write(ConfigurationManager.ConnectionStrings["cn1"].ConnectionString);

Now to decrypt the configuration section in web.config file use following command,

For File System Application,

aspnet_regiis.exe -pdf “connectionStrings” C:\Projects\DemoApplication

For IIS based Application

aspnet_regiis.exe -pd “connectionStrings” -app “/DemoApplication”

If you want to encrypt any nested section in web.config file like <pages> element within <system.web> you need to write full section name as shown below,

aspnet_regiis.exe -pef “system.web/Pages” C:\Projects\DemoApplication

You can encrypt all the sections of web.config file except following using the method I displayed in this article,

<processModel>
<runtime>
<mscorlib>
<startup>
<system.runtime.remoting>
<configProtectedData>
<satelliteassemblies>
<cryptographySettings>
<cryptoNameMapping>
<cryptoClasses>

To encrypt these section you needed to use Aspnet_setreg.exe tool.  For more detail about Aspnet_setreg.exe tool search Microsoft Knowledge Base article 329290, How to use the ASP.NET utility to encrypt credentials and session state connection strings.

转载 How to Encrypt connection string in web.config的更多相关文章

  1. 【转】Encrypt ConnectionString in Web.Config 【加密ASP.NET web.config数据库链接字串】

    原文链接:https://www.codeproject.com/Tips/795135/Encrypt-ConnectionString-in-Web-Config web.config中一般会存放 ...

  2. 使用Web.Config Transformation配置灵活的配置文件

    发布Asp.net程序的时候,开发环境和发布环境的Web.Config往往不同,比如connectionstring等.如果常常有发布的需求,就需要常常修改web.config文件,这往往是一件非常麻 ...

  3. Web.Config Transformation配置灵活的配置文件

    使用Web.Config Transformation配置灵活的配置文件 发布Asp.net程序的时候,开发环境和发布环境的Web.Config往往不同,比如connectionstring等.如果常 ...

  4. 关于Web.config的debug和release.config文件

    使用Web.Config Transformation配置灵活的配置文件 发布Asp.net程序的时候,开发环境和发布环境的Web.Config往往不同,比如connectionstring等.如果常 ...

  5. 如何用代码方式获取Web.config中system.serviceModel/client节点的address

    以下代码GetAPIAddress将返回:http://localhost:2555/APITEST.asmx using System.Web.Configuration;using System. ...

  6. MVC: Connection String

    背景: 之前项目使用的是DB first/Model first,现在要对EF升级的6.0,并且更换成Code first. 问题: 1. System.Data.Entity.Core.Metada ...

  7. ASP.NET MVC 5 - 创建连接字符串(Connection String)并使用SQL Server LocalDB

    您创建的MovieDBContext类负责处理连接到数据库,并将Movie对象映射到数据库记录的任务中.你可能会问一个问题,如何指定它将连接到数据库? 实际上,确实没有指定要使用的数据库,Entity ...

  8. No connection string named '***' could be found in the application config file

    Code-First时更新数据库遇到妖孽问题“No connection string named '***' could be found in the application config fil ...

  9. EF 数据库连接约定(Connection String Conventions in Code First)

    一个典型的EF应用大多数情况下是一个DbContext的派生类(derived class)来控制,通常可以使用该派生类调用DbContext的构造函数,来控制以下的东西: (1).上下文如何连接到数 ...

随机推荐

  1. 【调侃】IOC前世今生 工厂模式 反射 依赖倒置

    http://www.cnblogs.com/showjan/p/3950989.html

  2. cctype头文件(字符处理库)的使用

    C++ 中cctype头文件的使用 头文件cctype(字符处理库)中定义了有关字符判断与处理的库函数,使用前要包含头文件: #include <cctype> using namespa ...

  3. java socket nio编程

    上次写了一个socket的基本编程,但是有个问题,阻塞特别严重,于是小编便去找了nio学习了一下... public class TimeServer { public static void mai ...

  4. C#.Net 如何动态加载与卸载程序集(.dll或者.exe)4-----Net下的AppDomain编程 [摘录]

    最近在对AppDomain编程时遇到了一个问题,卸载AppDomain后,在内存中还保留它加载的DLL的数据,所以即使卸载掉AppDomain,还是无法更新它加载的DLL.看来只有关闭整个进程来更新D ...

  5. ListView使用CursorAdapter增加和删除item

    @Override protected void onCreate(Bundle savedInstanceState) { // TODO 自动生成的方法存根 super.onCreate(save ...

  6. poj 3414 Pots ( bfs )

    题目:http://poj.org/problem?id=3414 题意:给出了两个瓶子的容量A,B, 以及一个目标水量C, 对A.B可以有如下操作: FILL(i)        fill the ...

  7. ORACLE【0】:基本操作

    最新工作中用到oracle越来越多,自己虽然也能写点SQL.存储过程.触发器什么的,但是对数据库管理还是陌生的很,现在就将自己最近所学的一步一步整理下来. 1.windows上如何启动oracle 安 ...

  8. Self-Paced Training (2) - Docker Fundamentals

    Agenda- Building Images Dockerfile Managing Images and Containers Distributing Images on Docker Hub ...

  9. Jquery Ashx 存在缓存问题

    因为缓存总是不调用 PermissionEdit.ashx $.ajax({ type: "get", cache: false, url:"PermissionEdit ...

  10. android 组件设置屏幕大小

    WindowManager wManager = getWindowManager(); DisplayMetrics metrics = new DisplayMetrics(); wManager ...