Diablo: Aspnet_Regiis - Encrypt/Decrypt Web.config

Monday, April 9, 2007

Aspnet_Regiis - Encrypt/Decrypt Web.config

Encrypting a Configuration Section
IIS/ASP.NET will not serve direct requests to Web.config, which protects possibly sensitive information (e.g. connection strings, email addresses) from the public...at least in theory.

You can further protect web.config information via encryption. Out of the box, the aspnet_regiis.exe utility will encrypt web.config according to your preferences.

Here is a sample <appsettings> section:

Assume that this application runs under http://localhost/myApp, we could run the following command to encrypt:

aspnet_regiis -pe "appSettings" -app "/myApp"

After which, the <appsettings> section would look like this:

Implementing Code to Retrieve Configuration Settings
What's great is that the code that accesses the configuration settings need not change, e.g.:

string strGUID = ConfigurationSettings.AppSettings["ROOTGUID"];

...would work before and after encryption.

Decryption
To decrypt the configuration settings, just substitute a "-pd" switch for "-pe":

aspnet_regiis -pd "appSettings" -app "/myApp"

...Finally, I came across a good article about handling this encryption/decryption programmatically (e.g. via an ASP.NET page or a Console App). Here's the 4gfr link.

8 comments:

ken zip-s-place-a-t c-o-m-c-a-s-t d-o-t-n-e-t said...: two questions ??
1: What version of Dot NEt is this for ?
2: If you can decrypt with that command - then so can anyone who gets the file..am I correct ?; June 22, 2008 at 2:23 AM
Anonymous said...: 1: 2.0 and forward
2: No, you need the crypto container residing in your computer as well; August 31, 2009 at 3:58 AM
Adi said...: Oes Tsetnoc one of the ways in which we can learn seo besides Mengembalikan Jati Diri Bangsa. By participating in the Oes Tsetnoc or Mengembalikan Jati Diri Bangsa we can improve our seo skills. To find more information about Oest Tsetnoc please visit my Oes Tsetnoc pages. And to find more information about Mengembalikan Jati Diri Bangsa please visit my Mengembalikan Jati Diri Bangsa pages. Thank you So much.; November 21, 2009 at 12:05 AM
price per head said...: Great site!!! this information really helped me; June 18, 2012 at 2:45 PM
Anonymous said...: What's up friends, pleasant post and good urging commented here, I am really enjoying by these.

my homepage; visit website; March 24, 2013 at 8:31 PM
Anonymous said...: If you desire to grow your experience simply keep visiting this web site and be updated with the hottest information posted here.

Stop by my weblog: How Webcams May Assist Folks Communicate; April 12, 2013 at 6:44 PM
Anonymous said...: An outstanding share! I have just forwarded
this onto a friend who has been conducting
a little homework on this. And he in fact ordered me breakfast because I stumbled upon it for him.
.. lol. So allow me to reword this.... Thanks for the meal!
! But yeah, thanks for spending some time to discuss this issue here on your blog.

My web-site ... Email Console; April 21, 2013 at 10:24 PM
Anonymous said...: Hello, I wish for to subscribe for this web site to take newest updates, therefore where can i do it please
help.

Review my website - Email Console; May 16, 2013 at 3:00 AM

Diablo

Monday, April 9, 2007

Aspnet_Regiis - Encrypt/Decrypt Web.config

8 comments:

Blog Archive

Favorite Links

Diablo Pup