Saturday, July 29, 2006 3:00 PM
I have been developing in ASP.NET 2.0 for a good while now and I just found out about this neat little trick so I thought I would share it with you (in case you overlooked it). Almost all of the configuration data in the web.config can be encrypted and decrypted using the aspnet_regiis command line tool.
For example, if you want to encrypt the connectionStrings section in the web.config, all you have to do is type:
aspnet_regiis -pef connectionStrings C:\MyWebSite
and if you want to decrypt the connectionStrings section in the web.config just type:
aspnet_regiis -pdf connectionStrings C:\MyWebSite
The cool thing about this utility is that there is absolutely no code involved to get this to work in your website and when you are evaluating the value of say the connectionString property in debug mode, you can see plain text.
Pretty cool!
PEACE!!