Using these steps we can convert web.configs to encrypted strings with the assist of .NET framework given tools.
For development and we don’t have any sensitive information on our dev machines, then there’s no much point of using this practice other than for testing. However on a live server or a machine where there is sensitive information which could be hacked. Then there’s the benefit of using this.
To Encrypt Connection string in Web.Config files, We can follow these steps.
- Open C:\Windows\System32\CMD.exe As Administrator
- In CMD type CD C:\Windows\Microsoft.NET\Framework64\v4.0.30319
- In CMD type aspnet_regiis.exe -pef connectionStrings “Path of the Folder containing the Web.Config file”
Ex: aspnet_regiis.exe -pef “connectionStrings” “D://PROJECTS/SAMPLE_PROJECT” - Set to identity impersonate false for project web.config
<system.web>
<identity impersonate="true" />
</system.web>
For Decryption, you can use the below command.
- Open C:\Windows\System32\CMD.exe As Administrator
- In CMD type CD C:\Windows\Microsoft.NET\Framework64\v4.0.30319
- In CMD type aspnet_regiis.exe -pdf “connectionStrings” “Path of the Folder containing the Web.Config file”
Ex: aspnet_regiis.exe -pdf “connectionStrings” “D://PROJECTS/SAMPLE_PROJECT”
