Encrypt and Decrypt Connection Strings in Web.config
Are you preparing for the next job interviews in Microsoft ASP.NET? If yes, trust me this post will help you also we'll suggest you check out a big collection for Programming Full Forms that may help you in your interview:
List of Programming Full Forms
Introduction:
Today in this article, I will explain how we can encrypt and secure our connection string in the web config file. This post provides a basic reference on how basic protection can be achieved using the aspnet_regiis.exe tool, by default installed with .Net Framework.
So it is always recommended to encrypt the connection string of your application because the data we have here is highly sensitive. It must be secured. Here I am going to show you a demo of how we can do that,
Follow these instructions in order to implement “Encrypt and Decrypt Connection Strings in Web.config Using aspnet_regiis.exe”
Plain Connection String in Web.config file before encryption.
The below screenshot shows the plain connection string before encryption.
Step1: Open Developer Command Prompt.
You will need to open Developer Command Prompt from Start Menu > Microsoft Visual Studio 2013 > Common7 > Tools > Shortcuts
Note: You must be login as Administrator and right-click Developer command prompt Prompt and select Run as Administrator.
Note: In this article, I explain the process using Microsoft Visual Studio 2013. This process is the same for the other versions. The only difference will be that you need to open Visual Studio Command Prompt from the folder of their respective version of Visual Studio installed on your computer.
Encrypting the Connection String in Web. Config using aspnet_regiis.exe tool.
To encrypt the connection string in the Web.config file, you will need to use the aspnet_regiis.exe tool.
Syntax:
aspnet_regiis.exe -pef "connectionStrings" "<Path of the Folder containing the Web.Config file>"
This command requires 3 arguments:
- –pef: It represents the action to be performed. In order to perform Encryption, the parameter value is -pef.
- connectionStrings: It represents a section of the Web.Config file to be encrypted. For this case, the value will be connectionStrings.
- Path of Folder: Here we need to provide the path of the folder that containing the Web.config file
Example:
aspnet_regiis.exe -pef "connectionStrings" "D:\My Project\Testwebsite"
The above command will encrypt all the Connection Strings in the connectionStrings section of Web.Config file.
Connection String in Web.config file after Encryption
Access the Encrypted Connection String in Code behind
Asp.net will automatically decrypt the connection string when it is fetched in code behind, so you need to access the connection string in the same way as you would be in a general way
public partial class _Default : System.Web.UI.Page
{
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["con"].ConnectionString);
protected void Page_Load(object sender, EventArgs e)
{
}
}
Decrypt the Connection String in Web. Config using aspnet_regiis.exe
For decrypting the ConnectionString section in the Web.Config file, we will need to use the aspnet_regiis.exe tool that was used for encryption.
Syntax:
aspnet_regiis.exe -pdf "connectionStrings" "<Path of the Folder containing the Web.Config file>"
This command requires 3 arguments:
- –pdf: It represents the action to be performed. In order to perform Decryption, the parameter value is -pdf.
- connectionStrings: It represents a section of the Web.Config file to be decrypted. For this case, the value will be connectionStrings.
- Path of Folder: Here we need to provide the path of the folder that containing the Web.config file
Example:
aspnet_regiis.exe -pdf "connectionStrings" "D:\My Project\Testwebsite"
The above command will decrypt all the Connection Strings in the connectionStrings section of Web.Config file.
Note: This decryption process is machine-specific means, connectionStrings can be decrypted on the same machine where we perform encryption.
If you have any problem and face any difficulty then Share your experiences with us in the comments below!
Like this post? Don’t forget to share it!
More Interview Questions and Answers:
- Top 15 Python Interview Questions
- React Interview Question
- C# Interview Questions and Answers
- Top 10 IoT Interview Questions
- DotNet Core Interview Questions and Answers
- Angular Interview Questions with Answers
- Interview questions for Asp.Net and .Net
- OOPs Interview Questions and Answers
- Blazor Interview Questions and Answer
- Top 10 Interview Questions and Answered for Web Developer of 2020
- OOPs Interview Questions and Answers in C#
- GoogleCloud Interview Questions
- Asp.net MVC Interview Questions and Answers
- Interview Questions and Answers On Selenium Webdriver