We can encrypt the
section of a web configuration file (web.config).
After the Encryption of Connection Strings is done, you will notice a change in web.config file, that the contents of the
section are no longer visible.
However, an ASP.NET page can continue to read the values of the Corresponding Database (For e.g. GuestBook connections string by using the <%$ ConnectionStrings:GuestBook %> expression.
The easiest way to encrypt the
section is to use the aspnet_regiis
command-line tool. This tool is located in the following folder:
Executing the following command encrypts the
section of a
Web.Config file located in a folder with the path c:\Websites\myGuestBook
aspnet_regiis -pef connectionStrings “c:\Websites\ myGuestBook”
The -pef option (Protect Encrypt Filepath) encrypts a particular configuration section
located at a particular path.
You can decrypt a section with the -pdf option like this:
aspnet_regiis -pdf connectionStrings “c:\Websites\myGuestBook”