ENCRYPTION:
Step 1: From Windows Start Menu -> Microsoft Visual Studio 2010 -> Visual Studio 2010 -> Visual Studio Tools -> Visual Studio Command Prompt, type in the following command.
Step 2: In the command, path_name refers to the full path of the web.config file. NOTE: Do not include web.config in the path_name.
Command for IIS based Web Application:
aspnet_regiis –pe connectionStrings path_name
Command for File System Application:
aspnet_regiis –pef connectionStrings path_name
DECRYPTION:
Step 1: From Windows Start Menu -> Microsoft Visual Studio 2010 -> Visual Studio 2010 -> Visual Studio Tools -> Visual Studio Command Prompt, type in the following command.
Step 2: In the command, path_name refers to the full path of the web.config file. NOTE: Do not include web.config in the path_name.
Command for IIS based Web Application:
aspnet_regiis –pd connectionStrings path_name
Command for File System Application:
aspnet_regiis –pdf connectionStrings path_name
ADVANTAGES AND DISADVANTAGES OF THIS APPROACH in Server System
Encrypt Web.config on the Server System
You publish the web application to the server system. The application, as published, includes the unencrypted Web.config file.
You then log onto the server system and encrypt the Web.config file that was published to the server. With this option, the encryption is performed using the keys that are on the server.
Advantages:
• You do not have to export the encryption keys from your PC.
• You can modify the connection strings on the server system should any adjustments need to be made after you publish the web application from your PC.
Disadvantages:
• An extra step has to be performed on the server. It is easy to overlook this step, meaning that the unencrypted connection strings are on a server that may be directly connected to the Internet.
• It may not be desirable for the server administrator to have access to the unencrypted Web.config file.
• If the web application is deployed to more than one web server (which is not uncommon when deploying a web application that is meant to serve thousands of users using multiple web server machines), the encryption steps must be performed on each of the web servers.
• Any subsequent changes that you make to the connection strings in the development environment require that the encryption steps be done again on the server system when you redeploy the application.
This article was referred from one of the posted articles online - felt good to be here and so posted here. I tried this and is working fine for me.
Date Changes, Month Changes, Year Changes, Be Yourself, No Matter What ever Changes......!
