I want to keep encrypted connection string and stmp information in the web.config.
can I store Connection String and SMTP information in web.config encrypted and where I need just decrypted and use?
OR
What is the point/event where i can encrypt the Connection String and SMTP and save in the web.config? (and if the changes happen in web.config in that, is existing session expired?)
What is the best solution?
Thanks
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
It’s easy to do with aspnet_regiis.exe– look at the pe/pd/pef and pdf options. You can also do it programmatically. It works by encrypting a specific configuration section. In your case that is the connectionStrings and smtp sections.
You can use either DPAPI or RSA and you can encrypt on either a machine wide basis or on a specific user account.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0