02 - Encrypting Sections with the aspnet_regiis tool

Hi,

Here we’ll cover the Encrytion of Configuration file.

The topic covered will be –

- Creating Encrypted Configuration Sections

- Encrypting Sections with the aspnet_regiis tool

- Encrypting Sections Programmatically

- Deploying Encrypted Web Configuration Files

Encrypting Sections with the aspnet_regiis tool

·                To encrypt a particular section of a configuration file.

o                      By specifying file system path

o                      –pef option

               aspnet_regiis -pef connectionStrings c:\Websites\MyWebApp

o                      By specifying virtual path

o                      –pe option

               aspnet_regiis -pe connectionStrings -app /MyApp

·                When you encrypt a configuration section, you can also specify the ProtectedConfigurationProvider to use to encrypt the section. 

o                      The Machine.config file configures two providers: the 

§                             RsaProtectedConfigurationProvider : Default 

§                             DataProtectionConfigurationProvider.

o                      Requires –prov option.

E.g

               aspnet_regiis -pe connectionStrings -app /MyApp -prov ProtectedConfigurationProvider

·                To decrypt a particular section of a configuration file.

o                      –ped option

               aspnet_regiis -pd connectionStrings -app /MyApp

Thanks & Regards,

Arun Manglick || Senior Tech Lead