Encypting Configuration Files in Microsoft.NET

Start by granting all needed permissions to the IUSR for the directory C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys

 

In your Project folder, rename the App.config configuration file to web.config

 

Open the Developer Command Prompt for Visual Studio or any Command Prompt/Power Shell with Administrative Privileges

 

Browse to the folder C:\Windows\Microsoft.NET\Framework\v4.0.30319

Note: The version of the Framework may vary

 

In our example my Project Folder is : C:\Users\rkaramagi\source\repos\UserAccessTracker\UserAccessTracker

 

Run the command:

aspnet_regiis.exe -pef “connectionStrings” “Project Folder”

aspnet_regiis.exe -pef “connectionStrings” “C:\Users\rkaramagi\source\repos\UserAccessTracker\UserAccessTracker”

 

 

Notice that the Connection String is encrypted within the tag <Cipher Value>.

 

Rename the web.config file back to App.config

 

To decrypt the connection string back to the clear/plain text type the command in the same directory C:\Windows\Microsoft.NET\Framework\v4.0.30319 where the encryption was done.

aspnet_regiis.exe -pdf “connectionStrings” “Project Folder”

 

NOTE: Make sure when editing your config file with the Notepad editor that you save your file in the UTF-8 format and not in ANSI.