Problem

You have sensitive data in your web.config file, such as the connection string used to access your database, that you do not want available in plain text.

Solution

Use the Protected Configuration feature to encrypt the sensitive information stored in web.config:
Discussion

Applications frequently contain sensitive data in their web.config files, such as a database connection string that contains the credentials required to access the database. If this information is stored in your web.config in plain text, anyone who gains access to the web.config file will have the credentials to access the database for your application. ASP.NET 1.x had no provisions for storing sensitive data in web.config other than in plain text. ASP.NET 2.0 provides the ability to encrypt sensitive data in web.config and to decrypt the data automatically when needed by your application, without requiring any changes to your code.

The first step in encrypting elements in web.config is to add the element to be protected, such as <connectionStrings>, and test your application to ensure the data has been entered correctly. This is important because once the data is encrypted it cannot be changed without first being decrypted (decrypting is discussed later).

Next, you need to add a <machineKey> element to web.config. The <machineKey> element configures the keys used for forms authentication cookie data, view state data, and managing the encrypted element(s). The attributes of the <machineKey> element are described as follows:
Once web.config is set up, the aspnet_regiis.exe tool is used to perform the data encryption. Open a command prompt and change to the %SystemRoot%\Microsoft.NET\Framework\%VersionNumber%\ folder where the aspnet_regiis.exe tool is located. To encrypt the <connectionStrings> element in web.config, execute the following command in the command window, substituting the virtual path of your application for [Your Application Name]:

    aspnet_regiis -pe "connectionStrings" -app "[Your Application Name]"

The <connectionStrings> element of web.config will be changed with the sensitive data encrypted, as follows. (The CipherValue elements have been shortened for clarity.)

    <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
      <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
        <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
                       xmlns="http://www.w3.org/2001/04/xmlenc#">
          <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
          <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
              <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
              <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <KeyName>Rsa Key</KeyName>
              </KeyInfo>
              <CipherData>
                <CipherValue>VJyz/bFoxgJU2PWl…..</CipherValue>
              </CipherData>
            </EncryptedKey>
          </KeyInfo>
          <CipherData>
            <CipherValue>Bb/JK94rxfCphYQebP3s…..</CipherValue>
          </CipherData>
        </EncryptedData>
      </connectionStrings>
      …
    </configuration>

The next step is to encrypt the <machineKey> element to protect the key information. To encrypt the <machineKey> element, execute the following command in the command window, substituting the virtual path of your application for [Your Application Name]:

    aspnet_regiis -pe "system.web/machineKey" -app "[Your Application Name]"

The <machineKey> element of the web.config file will be changed with the key data encrypted, as follows. (The CipherValue elements have been shortened for clarity.)

    <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
      …
      <system.web>
        <machineKey configProtectionProvider="RsaProtectedConfigurationProvider">
          <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
                         xmlns="http://www.w3.org/2001/04/xmlenc#">
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
              <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
                <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
                <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                  <KeyName>Rsa Key</KeyName>
                </KeyInfo>
                <CipherData>
                  <CipherValue>aVVNMATLnm48…..</CipherValue>
                </CipherData>
              </EncryptedKey>
            </KeyInfo>
            <CipherData>
              <CipherValue>f9/2H0sgeSeZIC/t…..</CipherValue>
            </CipherData>
          </EncryptedData>
        </machineKey>
        …
      </system.web>
    </configuration>

The final step in encrypting data in web.config is to grant the ASP.NET user access to the key container. The aspnet_regiis.exe tool is once again used, with the following command, substituting the ASP.NET user account on your server for [ASP.NET User]:

    aspnet_regiis -pa "NetFrameworkConfigurationKey" "[ASP.NET User]"
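A quick way to verify that the steps above actually took effect on a deployed site is to inspect the resulting web.config for the markers Protected Configuration leaves behind. The following audit script is an added example, not part of the original recipe; it parses a constructed web.config and reports whether <connectionStrings> and <system.web>/<machineKey> are encrypted, still plaintext, or absent.

```python
"""Audit a web.config for unprotected sensitive sections (added example).

Checks whether <connectionStrings> and <system.web>/<machineKey> were rewritten by
aspnet_regiis -pe (configProtectionProvider attribute plus an <EncryptedData> child)
or still hold plaintext values. The sample input below is constructed for illustration.
"""
import xml.etree.ElementTree as ET

XMLENC_NS = "http://www.w3.org/2001/04/xmlenc#"
# Section paths as passed to aspnet_regiis -pe / -pd.
SENSITIVE_SECTIONS = ("connectionStrings", "system.web/machineKey")

def _find_section(root, path):
    """Walk a slash-separated path below <configuration>, ignoring namespaces."""
    node = root
    for name in path.split("/"):
        node = next((c for c in node if c.tag.split("}")[-1] == name), None)
        if node is None:
            return None
    return node

def is_protected(section):
    """True when Protected Configuration has replaced the section body."""
    if section.get("configProtectionProvider") is None:
        return False
    return section.find(f"{{{XMLENC_NS}}}EncryptedData") is not None

def audit_web_config(xml_text):
    """Return {section_path: 'encrypted' | 'plaintext' | 'missing'}."""
    root = ET.fromstring(xml_text)
    result = {}
    for path in SENSITIVE_SECTIONS:
        section = _find_section(root, path)
        if section is None:
            result[path] = "missing"
        else:
            result[path] = "encrypted" if is_protected(section) else "plaintext"
    return result

# Constructed sample: connectionStrings encrypted, machineKey still in the clear.
SAMPLE_WEB_CONFIG = """<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
  <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
      <CipherData><CipherValue>PLACEHOLDER</CipherValue></CipherData>
    </EncryptedData>
  </connectionStrings>
  <system.web><machineKey validationKey="PLACEHOLDER" decryptionKey="PLACEHOLDER" /></system.web>
</configuration>"""

if __name__ == "__main__":
    print(audit_web_config(SAMPLE_WEB_CONFIG))
```

Run it against the real web.config of each deployed application; any section reported as plaintext still needs the corresponding aspnet_regiis -pe step.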
If you need to change the encrypted data in web.config, you will need to decrypt the data, make the required changes, and then encrypt the data again. The decryption is performed by using the aspnet_regiis.exe tool, this time with the -pd command-line parameter.

To decrypt the <connectionStrings> element:

    aspnet_regiis -pd "connectionStrings" -app "[Your Application Name]"

To decrypt the <machineKey> element:

    aspnet_regiis -pd "system.web/machineKey" -app "[Your Application Name]"

See Also

"Encrypting Configuration Information Using Protected Configuration" in the MSDN Library