I am using sessionState mode = "SQLServer" in my application. Is there any way to encrypt the connection string that was passed in web.config?
Add a comment
|
2 Answers
To encrypt sql server connection between applications you can just add
encrypt=true
to the connection string, eg:
"Server=##.##.##.##,1092;Database=dbname;uid=username;pwd=password;encrypt=true"
To encrypt the string in web.config see how-to-encrypt-connection-string-in-web.config
Comments
I was in the same position and I also couldn't find any answer. The accepted answer also doesnt reciprocate the question asked in my opinion. After some research, i did the following to solve the issue and encrypted the sessionState node having connectionString of web.config
Encryption:
You can follow the following steps to encrypt a specific section of web.config:
Run command prompt as an
administratorExecute the command:
cd C:\Windows\Microsoft.NET\Framework\v4.0.30319Execute the command:
ASPNET_REGIIS -pef "system.web/sessionState" "PhysicalPathOfWebsiteThatHasWebConfigFile"
Decryption:
Similarly if you want to decrypt a specific node in the web.config, follow the same above steps and replace -pef with -pdf in the final step and the utility will decrypt the specific node
Explanation about above commands:
ASPNET_REGIIS: Taken from official MSDN, You can use the ASP.NET IIS Registration Tool (Aspnet_regiis.exe) to encrypt or decrypt sections of a Web configuration file. ASP.NET will automatically decrypt encrypted configuration elements when the Web.config file is processed. And -pef tells that you want to use it for encrypting a specific section in your web.config. It serves other purposes as well as explained in the official MSDNsystem.web/sessionStateis the specific node that you want to encrypt.PhysicalPathOfWebsiteThatHasWebConfigFileis the physical path of your application (where web.config is located). Please do not add an extra ‘\’ at the end of the path.
Other Reference Links:
https://learn.microsoft.com/en-us/previous-versions/aspnet/zhhddkxy(v=vs.100)
