Skip to main content

ASP.NET Securing Connection Strings with Encryption



ASP.NET provides DPAPIProtectedConfigurationProvider to encrypt and decrypt. In a web farm use RSAProtectedConfigurationProvider.

Configuration file before:
 


To encrypt use the command:
Aspnet_regiis –pef “connectionStrings” “C:\inetpud\...\MySite”

If changes are made to connection string from GUI they are automatically encrypted and incorporated in web.config.
To Decrypt use the command:
Aspnet_regiis –pdf “connectionStrings” “C:\inetpud\...\MySite”

Two types of encypters are supported:
1-    DPAPIProtectedConfigurationProvider Uses the Windows Data Protection API (DPAPI) to encrypt and decrypt data
2-    RSAProtectedConfigurationProvider Default provider, uses the RSA encryption algorithm to encrypt and decrypt data
Type is specified in Configuration section, e.g:

 



To allow ASP.NET user account to access key container use the following command:

aspnet_regiis.exe –pa "NetFrameworkConfigurationKey"
"NT AUTHORITY\NETWORK SERVICE"

To create a new Key Container:
aspnet_regiis.exe –pc YourContainerName –exp

To export the key container in XML file:
aspnet_regiis.exe –px YourContainerName YourXmlFile.xml

Importing the Key container on each server:
aspnet_regiis.exe –pi YourContainerName YourXmlFile.xml

Labels:

Popular posts from this blog

Culture Information and Localization in .NET

Namespace: System.Globalization CultureInfo Class:                 It provides information like the Format of numbers and dates, Culture’s Calendar, Culture’s language and sublanguage (if applicable), Country and region of the culture. The Basic use of CultureInfo class is shown here: • How string Comparisons are performed • How Number Comparison & Formats are performed • Date Comparison and Formats. • How resources are retrieved and used. Cultures are grouped into three categories: Invariant Culture : It’s Culture Insensitive. It can be used to build some trial application. It can be also used to build an application with hard-coded expiry date that ignores cultures. But using it for every comparison will be incorrect and inappropriate. Neutral Culture : English(en), Frensh(fr), and Spanish(sp). A neutral culture is related to language but it’s not related to specific regi...
Post a Comment
Continue Reading »

Concept of App Domain in .Net

Creating Application Domains: Application domain is just like process, provides separate memory space, and isolates from other code. But it’s quite light weight. It also provides the following advantages: 1-       Reliability : If a domain crashes, it can be unloaded. Hence doesn’t affect the other assemblies. 2-       Efficiency : Loading all assemblies in one domain can be cumbersome and can make the process heavy but Appdomains are efficient in this manner. Important properties of AppDomain: ApplicationIdentity , ApplicationTrust , BaseDirectory , CurrentDomain , DomainManager , DomainDirectory , Evidence , FriendlyName , ID , RelativeSearchPath , SetupInformation , ShadowCopyFiles . Important methods of AppDomain: ApplyPolicy , CreateCOMInstanceFrom , CreateDomain , CreateInstance (Assembly). To create an AppDomain: AppDomain adomain = AppDomain.CreateDomain(“D”); To execute an assembly:...
Post a Comment
Continue Reading »

ASP.NET Working With Data-Bound Web Server Controls

Suppose we have: List<Car> vCars = new List<Car>(); There are three types of databound controls: Simple databound controls(List, AdRotater), Composite data bound controls(GridView, DetailsView, FormView that inherit from CompositeDataBoundControl), and Hierarchal data bound controls (TreeView, Menu).   DataBoundControl has a DataBind method that can be used when data is ready. It calls DataBind for child controls as well. Page.DataBind() will call DataBind for all child controls. Using DataSource Objects:                                       BaseDataBound control exposes DataSource property that accepts objects that implement IEnumerable , IListSource , IDataSource , or IHierarchalDataSource . DataSourceID accepts ID of SqlDataSource . If both specified Data...
Post a Comment
Continue Reading »