问题
I have written the name of my database, username and password in my web.config file as connection string.
I want to encrypt this data. How can I do it?
<connectionStrings>
<add name="ISP_ConnectionString" connectionString="Data Source=JIGAR;
Initial Catalog=ISP;Integrated Security=True;
User ID=jigar;Password=jigar123;
providerName="System.Data.SqlClient" />
</connectionStrings>
回答1:
You can just use the apnet_regiis tool to do that ,just do
C:\WINDOWS\Microsoft.Net\Framework(64)\(.Net version)\aspnet_regiis -pe "connectionStrings"
for a specific application you can use the app argument -app application name, and for a specific site you can also use the site argument "-site site id".
For more details see http://msdn.microsoft.com/en-us/library/dtkwfdky.aspx.
Note that this works for a web application only and not for a windows application.
Also note that you have to run it from a command prompt with elevated privileges ("run as administrator").
回答2:
I one particular application, I call the following routine on startup:
Private Sub CheckConfigFile()
Dim config As System.Configuration.Configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None)
Dim sec As ConfigurationSection = config.AppSettings
If sec IsNot Nothing Then
If sec.SectionInformation.IsProtected = False Then
Debug.Write("Encrypting the application settings...")
sec.SectionInformation.ProtectSection(String.Empty)
sec.SectionInformation.ForceSave = True
config.Save(ConfigurationSaveMode.Full)
Debug.WriteLine("done!")
End If
End If
End Sub
来源:https://stackoverflow.com/questions/2460911/encrypting-the-connection-string-in-web-config-file-in-c-sharp