Guruji Point - Code You Want To Write

  • Home
  • Asp.Net
  • WCF
  • SQL
  • Type Script
  • AngularJS
  • Tech News
  • Blog
  • Earn Online

Tuesday, 19 September 2017

Encypt Connection String In Web.Config File - Asp.Net C#

 asp.net, Asp.Net C#, decrypt connection string, encrypt connection string, guruji point, Gurujipoint, webconfig and encrypted connection string     No comments   

Introduction
 how to encrypt the connection string in Web.Config to increase the security and keep the connection with the database secure. Is there any need to decrypt the encrypted key or use directly to the encrypted string.

Why Encryption Required
In many of articles I used connectionStrings section in web.config file to store database connection. The connectionStrings section contains sensitive information of database connections including username and password of database.
Encrypting sensitive sections of the Web.Config is important because they are just that, sensitive. Think about production Web.Config file. It may contain all information that requires running your web application. There are often passwords for SQL database connections, SMTP server, API Keys, or other critical information. In addition to this, Web.Config files are usually treated as just another source code file, that means, any developer on the team, or more accurately anyone with access to the source code, can see what information is stored in Web.Config file.

If we are using applications in our internal servers with security then it’s ok if we deploy our applications in shared host environment then we have chance to arise security problems to avoid these problems

Encrypt ConnectionString
Here we will do encryption of connection string in web.config using aspnet_regiis.exe command line tool.
When you working with your WebApplication then in web.config your connection string looks similar like the below given string. Before Encryption
<configuration> 
  <connectionStrings>
    <add name="ConStr" connectionString="Data Source=JP-PC; Integrated Security=true;Initial Catalog=TestDB;" />
  </connectionStrings>
</configuration>

Step 1 -  Goto Windows All Programs ==> Visual Studio 2015 (In my case it is VS 2015)
Step 2 -  Now Click on Visual Studio 2015 to expend and Right click on Developer Console
Step 3 -  Run Developer Console as an Administrator

Step 4 - Paste the below command in CMD window
cd C:\Windows\Microsoft.NET\Framework\v4.0.30319
After this use this command
ASPNET_REGIIS -pef "connectionStrings" "D:\JP_Projects\MyWebApp"
NOTE - here "D:\JP_Projects\MyWebApp" my project path where web.config located. In your case just open the containing folder of Web.config from Visual studio and paste the path in console.

After Successfully Encryption, Connection String might look like this



Here we don’t want to write any code to decrypt the encrypted connectionString in our application because .NET automatically decrypts it. If we want to use the connection string just call it like normal way.

string ConString = ConfigurationManager.ConnectionStrings["conStr"].ToString();


  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble
  •  Digg
Email ThisBlogThis!Share to XShare to Facebook
Newer Post Older Post Home

0 comments:

Post a Comment

Facebook Updates

Guruji Point

Categories

Comman table Expression in SQL Dynamic Grid Row IQueryable in c# Learn AngularJS Scope_Identity() Use of indexes comma seperated string in sql row_number() and dense_rank() salary table structure. while loop in sql why do we need cursor why tuple used

About Us

This blog is about the Programming ,Tech News and some intresting facts related Contents. Here you can find fundamental and expert level topic of programming languages very practically related to C# , Asp.Net ,Sql-Server, JavaScript, Jquery, WebServices And also Web-Api, WCF ,WPF, Angular Js.

Contact Us

Email Us - gurujipoints@gmail.com
Contact- 8077657477

Reach Us

Copyright © Guruji Point - Code You Want To Write