So far, the best resource I've found online for a how to-guide for how to encrypt the passwords in a Web.config file has suggested, like every other blog posting, that one has to put some stuff in the top of the Web.config to make it work. However, most of the other postings I fought my way through suggested additions that just wouldn't compile!. The golden posting I saw here which now seems offline. Maybe it will return. At any rate, it suggests/suggested you start off a Web.config file like this:
<configuration>
<configSections>
<section name="dataConfiguration" type="Microsoft.Practices.EnterpriseLibrary.
Data.Configuration.DatabaseSettings,
Microsoft.Practices.EnterpriseLibrary.Data,
Version=3.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</configSections>
<dataConfiguration defaultDatabase="MyDatabase">
<providerMappings>
<add databaseType="Microsoft.Practices.EnterpriseLibrary.Data.Sql.SqlDatabase,
Microsoft.Practices.EnterpriseLibrary.Data, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a" name="System.Data.SqlClient" />
</providerMappings>
</dataConfiguration>
Next, navigate to the folder holding a Web.config to encrypt with "Developer Command Prompt for VS2012" and then type something like this:
aspnet_regiis -pef connectionStrings . -prov DataProtectionConfigurationProvider
Sometimes the Web.config file will be redacted and sometimes a better copy of the Web.config file will be made one folder up. I'm sure there is a sane explanation for this, but I don't really care. Use appSettings here in lieu of connectionStrings to encrypt the appSettings section of the Web.config instead of the connectionStrings section. Also rename app.config to Web.config to make this trick work for app.config. You will then need to rename Web.config back to app.config. In the end, something like this:
<connectionStrings>
<add name="DefaultConnection" providerName="System.Data.SqlClient"
connectionString="Data Source=MyServer;Initial Catalog=MyDatabase;
Persist Security Info=True;User ID=foo;Password=bar" />
</connectionStrings>
...will become something like this:
<connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+
sBAAAAD9WbcMcef0Onv4S9BkyQ5wQAAAACAAAAAAADZgAAwAAAABAA
AAAKHRL+
D1aOMuO5KNEwR9WcAAAAAASAAACgAAAAEAAAAHQKZ9aFFT7H
SVTrvXdIzVgQAgAA9fg86jjjqufpllVijvAQvsbCIAYevcnasJ4LWh6YApj+
nzlVQEMo4yAxgeIr4UzPxTH2LgPE89C/I+ZY6jG73q5y6Eb4T1g+STPPA+
ezZW2e3hdFx9aT15RjPfzuS5yQjuhlg/ehuVrqqMkBLWGI4AmFDORgzWTb47Q
O4xfmGV6HWh48Wd7GTaV1rrZ1sFCOfJ5I5l8jIRv4BESGzMTDVAr6clmblYET2
6kXhTvcosw5G71caQO4s1Mp89RatzwxAmWeYbwAYgPp1y/
Y/0/dN2AsBRyVr1m+
wX+2K0Y1YIczcGaHJ/DSJnNAMCkjHL+QOpaf5i6n72zlsylPI7hF5qmBTVxpZP
KgCsBsCNdvFVsTeAFBEJLJKaZq2K/tmJjMbxIBTy1hD+
D0KsMT2P55zbBAKkYBMsqYl6ux+U3rczgdZM8bL8HglxZOcAC/
GOqm04NmT36ctM/5qF48VPh3Jk2RYPJqXe+z/
xH7OO1vya4BHPvKKunkvMqh9fsMhxI3A/
IwqVkFCsWgkksnegzqAcBwuz5m6OhRiwam8oDBmbTULIZ8St8y+
vDgbdQU2jCFhUULGe0tQf0tehA+lDOL1htSJ0GI0ypdfpZhEDej7YxxEDUnwJI
66MFJIJmNAk7VjJzwFMDPf3DeTqwSXxKFfjKRLZctuWmBsfs9b2B7QS62K5TJ
vVRnQfQriPHDGacKFAAAAAEv8R/zsGee0gAm1oPQy3v8rwrw</CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>
No comments:
Post a Comment