I am working with C# & WPF and, of course, an app.config file. I have not been able to find an example of encrypted connection strings, stored in the app.config. There's plenty of examples for ASP.NET and web.config but nothing solid for app.config. The only examples I have come across clearly state that the string is only "decode-able" (is that even a word?) on the same machine that it was first encrypted on. Are there any viable options for working with encrypted connection strings (or other data) in an app.config?
Add a comment
|
1 Answer
Encrypt ConnectionStrings in App.config
private void ProtectSection(String sSectionName)
{
// Open the app.config file.
Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
// Get the section in the file.
ConfigurationSection section = config.GetSection(sSectionName);
// If the section exists and the section is not readonly, then protect the section.
if (section != null)
{
if (!section.IsReadOnly())
{
// Protect the section.
section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");
section.SectionInformation.ForceSave = true;
// Save the change.
config.Save(ConfigurationSaveMode.Modified);
}
}
}
3 Comments
Unknown Coder
I've come across examples like this before. BUT my understanding is that the sections can only be encrypted and then unencrypted on the same machine. So it wouldn't work in a distributed application.
Tom Dudfield
From this article it looks like this approach works on distributed apps.
Mitch Wheat
That's why the code is there. I've removed first link and updated second.