In this article I will show you a super simple and secure way to encrypt your connection string in your asp.net web application. This is how you do it.
How to encrypt the connection string directly on the deployed server?
1>Place this inside the <configuration> section of your web.config.
2>Save the bolded text below in a file named encrypt.bat
(Note the extension of the file is .bat )
aspnet_regiis -pc "MyKey"
aspnet_regiis -pa "MyKey" "NT AUTHORITY\NETWORK SERVICE"
aspnet_regiis -pa "MyKey" "ASPNET"
aspnet_regiis -pef "connectionStrings" "." -prov "MyProvider"
3>Where ever the web.config of your web application resides, put the encrypt.bat in the same folder.
Now if you open your config file, the connection strings section would look something like this
There! You are good to go!
What If you need to replace the web.config later some time?
Run this on command prompt
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis -pz "MyKey"
This will remove the machine key "MyKey" that was created at
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
Then go ahead and run encrypt.bat
Walkthrough: Creating and Exporting an RSA Key Container: