Encrypting Connection Strings in the web.config
There's a nice tip in this video on encrypting connection strings in the web.config. I couldn't find the source code, so I typed it in myself. If you need it, here it is. BTW, who's the presenter on these? He has a pleasant, relaxed, and fluid style.
' For the video, see
' http://download.microsoft.com/download/8/3/6/836dd5f8-fa92-499f-8219-0d326f13bf18/hilo_tips_final.wmv
Protected Sub EncryptConfig(ByVal bEncrypt As Boolean)
Dim path = "~/"
' Use the WebConfigurationManager to open
' the local web.config file
Dim config As Configuration = _
System.Web.Configuration.WebConfigurationManager. _
OpenWebConfiguration(path)
' Get the connectionStrings section
' from the web.config file
Dim appSettings As ConfigurationSection = _
config.GetSection("connectionStrings")
If bEncrypt Then
' Encrypt the string using ProtectSection
appSettings.SectionInformation.ProtectSection _
("DataProtectionConfigurationProvider")
Else
'Decrypt the string using UnprotectSection
appSettings.SectionInformation.UnprotectSection()
End If
'Save the changes
config.Save()
End Sub