 

How to encrypt one entry in web.config

ASP.NET 4

I've used RSA key encryption for connection strings in web.config on my web farm. However, there's one more custom password entry that I'd like to encrypt. How should I encrypt it with an RSA key without having the rest of the configuration encrypted? Please advise, thanks.

Example:

    <appSettings>
        ...
        <add key="Host" value="www.foo.com" />
        <add key="Token" value="qwerqwre" />
        <add key="AccountId" value="123" />
        <add key="DepartmentId" value="456" />
        <add key="Password" value="asdfasdf" />
        <add key="SessionEmail" value="[email protected]" />
        <add key="DefaultFolder" value="789" />
    </appSettings>
Stan asked Jun 03 '11 08:06




1 Answer

You could put the password into a separate section and encrypt this section only. For example:

    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>
        <configSections>
            <section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        </configSections>

        <appSettings>
            <add key="Host" value="www.foo.com" />
            <add key="Token" value="qwerqwre" />
            <add key="AccountId" value="123" />
            <add key="DepartmentId" value="456" />
            <add key="SessionEmail" value="[email protected]" />
            <add key="DefaultFolder" value="789" />
        </appSettings>

        <secureAppSettings>
            <add key="Password" value="asdfasdf" />
        </secureAppSettings>
    </configuration>

and then (note that I am using DPAPI in my example so adapt the provider for RSA):

    aspnet_regiis -pef secureAppSettings . -prov DataProtectionConfigurationProvider

Once encrypted the file will look like this:

    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>
        <configSections>
            <section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        </configSections>

        <appSettings>
            <add key="Host" value="www.foo.com" />
            <add key="Token" value="qwerqwre" />
            <add key="AccountId" value="123" />
            <add key="DepartmentId" value="456" />
            <add key="SessionEmail" value="[email protected]" />
            <add key="DefaultFolder" value="789" />
        </appSettings>

        <secureAppSettings configProtectionProvider="DataProtectionConfigurationProvider">
            <EncryptedData>
                <CipherData>
                    <CipherValue>AQAAANCMnd.......</CipherValue>
                </CipherData>
            </EncryptedData>
        </secureAppSettings>
    </configuration>

The way you would access those settings in your application once the file is encrypted is still the same and completely transparent:

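    // "Password" now lives in secureAppSettings; it is decrypted automatically on read (needs System.Collections.Specialized).
    var host = ConfigurationManager.AppSettings["Host"];
    var secureSettings = (NameValueCollection)ConfigurationManager.GetSection("secureAppSettings");
    var password = secureSettings["Password"];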
Darin Dimitrov answered Oct 14 '22 12:10

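A deployment check for the layout described in the answer above, as an added example that is not part of the original answer: it parses a web.config and reports any section that should be protected but is still plaintext, plus secret-looking keys left in an unencrypted appSettings. The function names, the key-name pattern, the sample documents and the placeholder cipher value are assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Assumption: key names that suggest a secret; tune this for your own config.
SECRET_KEY = re.compile(r"password|passwd|pwd|secret", re.IGNORECASE)

def local(tag):
    """Strip an XML namespace, so <EncryptedData xmlns=...> also matches."""
    return tag.rsplit("}", 1)[-1]

def audit_web_config(xml_text, protected_sections=("secureAppSettings",)):
    """Return a list of findings; an empty list means the checks passed."""
    root = ET.fromstring(xml_text)
    findings = []
    for name in protected_sections:
        section = root.find(name)
        if section is None:
            findings.append(f"{name}: section missing")
            continue
        provider = section.get("configProtectionProvider")
        cipher = [e for e in section.iter() if local(e.tag) == "CipherValue"]
        if not provider or not any((e.text or "").strip() for e in cipher):
            findings.append(f"{name}: not encrypted")
        # Plaintext <add> children must not survive inside a protected section.
        for add in section.iter("add"):
            findings.append(f"{name}: plaintext key {add.get('key')!r}")
    app = root.find("appSettings")
    if app is not None and app.get("configProtectionProvider") is None:
        for add in app.iter("add"):
            if SECRET_KEY.search(add.get("key") or ""):
                findings.append(f"appSettings: plaintext key {add.get('key')!r}")
    return findings

# Constructed samples modelled on the answer's before/after files.
PLAINTEXT = """<configuration>
  <appSettings><add key="Host" value="www.foo.com" /></appSettings>
  <secureAppSettings><add key="Password" value="example" /></secureAppSettings>
</configuration>"""

ENCRYPTED = """<configuration>
  <appSettings><add key="Host" value="www.foo.com" /></appSettings>
  <secureAppSettings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#">
      <CipherData><CipherValue>Q09OU1RSVUNURUQ=</CipherValue></CipherData>
    </EncryptedData>
  </secureAppSettings>
</configuration>"""
```

Run it against each node's deployed web.config on the farm and fail the deployment when the returned list is not empty.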