Menu
In a .NET 4.0 website, which web.config sections can be encrypted? I read that not all sections can be encrypted, but I can't find anything detailing which sections can.
708
From the MSDN docs, it's clear that one can encrypt and decrypt a web.config section using the Aspnet_regiis.exe tool with the –pe option and the name of the configuration element to be encrypted as long as the section is not one of these ones:
The following is a list of configuration sections that cannot be encrypted using protected configuration: processModel, runtime, mscorlib, startup, system.runtime.remoting, configProtectedData, satelliteassemblies, cryptographySettings, cryptoNameMapping, and cryptoClasses. It is recommended that you use other means of encrypting sensitive information, such as the ASP.NET Set Registry console application (Aspnet_setreg.exe) tool, to protect sensitive information in these configuration sections.
Here's what you need to encrypt all other possible sections:
Encrypting and Decrypting Configuration Sections
Walkthrough: Encrypting Configuration Information Using Protected Configuration
188
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
