Jump to content
How To Handle Encryption Decription Of Connection String ?
1 reply to this topic
Posted 14 October 2008 - 09:31 PM
I have created two functions that encrypt and decrypt the connection string in web.config. But whenever I want to use connection string. I have to always decrypt web.config and then again encrypt it back. Does there any other way which i can use.
I'm using section.SectionInformation.ProtectSection(" <encryption configuration provider> ") and section.SectionInformation.UnprotectSection()
Posted 15 October 2008 - 01:16 PM
There are a couple of alternate ways to store a connection string securely. If you have access to the registry on the web server, you could actually store the encrypted connection string in the registry using the aspnet_setreg utility and reference it there. More details on that at http://support.microsoft.com/kb/821616.
You could also save the connection string in its own config file and then replace the connectionStrings element in web.config with
<connectionStrings configSource="~/connectionstrings.config" />
Remember if you save the new config file in App_Data or App_Code the server will not pass the file over on direct request.
Hope that helps, Dan.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users