Encrypting Webconfig file values in .Net 1.1 Framework

TheMSsForum.com: The Microsoft Software Forum

Hi,
Could anyone suggest me an idea to encrypt the webconfig file's connection
string in the framework 1.1.

Thank you in Advance
--
Lets Learn and Make All Learn
Top

Re: Encrypting Webconfig file values in .Net 1.1 Framework by Mark

Mark
Thu May 08 15:04:51 CDT 2008

"madhusrp" <madhusrp@discussions.microsoft.com> wrote in message
news:35FC91DD-2EF5-4D25-BF8C-DE085B798480@microsoft.com...

> Could anyone suggest me an idea to encrypt the webconfig file's
> connection
> string in the framework 1.1.

Use any of the built-in methods in the System.Security.Cryptography
namespace:
http://msdn.microsoft.com/en-us/library/system.security.cryptography(VS.71).aspx

I'm curious as to why you need to do this...


--
Mark Rae
ASP.NET MVP
http://www.markrae.net

Top

Re: Encrypting Webconfig file values in .Net 1.1 Framework by Teemu

Teemu
Thu May 08 15:09:33 CDT 2008

Hi,

here's a walkthrough from "Building Secure ASP.NET Applications"

http://msdn.microsoft.com/en-us/library/aa302403.aspx#secnetht08_step3
How To: Use DPAPI (Machine Store) from ASP.NET 1.1

--
Teemu Keiski
AspInsider, ASP.NET MVP
http://blogs.aspadvice.com/joteke
http://teemukeiski.net


"madhusrp" <madhusrp@discussions.microsoft.com> wrote in message
news:35FC91DD-2EF5-4D25-BF8C-DE085B798480@microsoft.com...
> Hi,
> Could anyone suggest me an idea to encrypt the webconfig file's
> connection
> string in the framework 1.1.
>
> Thank you in Advance
> --
> Lets Learn and Make All Learn


Top

Re: Encrypting Webconfig file values in .Net 1.1 Framework by Mark

Mark
Fri May 09 02:19:51 CDT 2008

On Thu, 8 May 2008 21:04:51 +0100, "Mark Rae [MVP]"
<mark@markNOSPAMrae.net> wrote:

>I'm curious as to why you need to do this...

It is always prudent to encrypt sensitive information and connection
strings fall into this category. Given that MS have provided an API
and method of doing this they obviously feel the same way.

Cheers,
Mark
--
|\ _,,,---,,_ A picture used to be worth a
ZZZzzz /,`.-'`' -. ;-;;, thousand words - then along
|,4- ) )-,_. ,\ ( `'-' came television!
'---''(_/--' `-'\_)

Mark Stevens (mark at thepcsite fullstop co fullstop uk)

This message is provided "as is".
Top

Re: Encrypting Webconfig file values in .Net 1.1 Framework by Mark

Mark
Fri May 09 04:55:47 CDT 2008

"Mark Stevens" <nevyn@nospam.nospam> wrote in message
news:aiu724948qaa812kp9je80heae448toi93@4ax.com...

>>I'm curious as to why you need to do this...
>
> It is always prudent to encrypt sensitive information and connection
> strings fall into this category.

Are you worried that someone might hack your server and steal a copy of
web.config? If so, then the file's contents are surely the least of your
worries...

> Given that MS have provided an API and method of doing this they
> obviously feel the same way.

The Cryptography namespace is not *just* for web.config - it can be used to
encrypt anything...


--
Mark Rae
ASP.NET MVP
http://www.markrae.net

Top