Sukumar Raju's Blog

MCP

Sponsors

Tags

News

SharePoint SharePoint

More reading these days Patterns and practicces


Interesting to work with ASP.NET Membership provider

Suggested Reading C# Book


patterns & practices Application Architecture Guide 2.0


MVP Blog Badge.

Grab this badge here!


Encrypt and Decrypt connectionString section in Web.config

Here is the source code to encrypt and decrypt <connectionString> section in Web.config using RSA Protected Configuration provider model.

Note that below source code is from class library file. It is quite feasible to edit the code and use within a button click event as you wish.

Hope you find it useful!!

using System; 
using System.Collections.Generic; 
using System.Text; 
using System.Web; 
//specific to configuration 
using System.Configuration; 
using System.Web.Configuration; 
using System.Web.Security; 
namespace WebUtils 
{ 
/// <summary> 
/// Contains methods for Encrypting and decrypting connectionStrings
/// section in web.config 
/// current encryption configuration model is Rsa,
/// it is feasible to change this to DataProtectionConfigurationProvider 
/// </summary> 
/// <author>Raju Golla</author> 
public class EncryptDecrypt 
{ 
//Get Application path using HttpContext 
public static string path = HttpContext.Current.
Request.ApplicationPath; 
/// <summary> 
/// Encrypt web.config connectionStrings
/// section using Rsa protected configuration
/// provider model 
/// </summary> 
#region Encrypt method 
public static void EncryptConnString() 
{ 
Configuration config = WebConfigurationManager.
OpenWebConfiguration(path); 
ConfigurationSection section = 
config.GetSection("connectionStrings"); 
if (!section.SectionInformation.IsProtected) 
{ 
section.SectionInformation.ProtectSection
("RsaProtectedConfigurationProvider"); 
config.Save(); 
} 
} 
#endregion 
/// <summary> 
/// Decrypts connectionStrings section in 
///web.config using Rsa provider model 
/// </summary> 
#region Decrypt method 
public static void DecryptConnString() 
{ 
Configuration config = WebConfigurationManager.
OpenWebConfiguration(path); 
ConfigurationSection section = 
config.GetSection("connectionStrings"); 
if (section.SectionInformation.IsProtected) 
{ 
section.SectionInformation.UnprotectSection(); 
config.Save(); 
} 
} 
#endregion 
} 
}

References:

http://www.beansoftware.com/ASP.NET-Tutorials/Encrypting-Connection-String.aspx

http://msdn.microsoft.com/en-us/library/ms998280.aspx

Posted: Sep 28 2009, 07:03 PM by sukumarraju | with 2 comment(s) |
Filed under:

Comments

samarmir said:

Very nice article, works nicely.

I have used it on a commercial webhotel and it works nicely.

I have however experienced that I had to click the decrypt button first (I have implemented the code through button click events) and then the encrypt button in order to make it work. Otherwise it would return a unauthorized error.

# July 23, 2010 9:50 AM

Sukumar Raju's Blog said:

Encrypting and decrypting connectionStrings section progrmatically is explained in this article from

# February 18, 2011 11:50 AM
Leave a Comment

(required) 

(required) 

(optional)

(required)