tag:blogger.com,1999:blog-7244391747483605318.post6011577069571287960..comments2023-10-09T19:16:35.457+03:00Comments on Rostyslav's blog: Encrypting and Decrypting Web.config Sections in .NET 4.0Rostyslav Yaremchukhttp://www.blogger.com/profile/03554485540947531622noreply@blogger.comBlogger13125tag:blogger.com,1999:blog-7244391747483605318.post-82925541460788584172021-05-12T09:26:03.961+03:002021-05-12T09:26:03.961+03:00Very useful article.. Thanks for sharing in detail...Very useful article.. Thanks for sharing in details.. Chand Joganihttps://www.blogger.com/profile/08218005255839486353noreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-40104049787891985172017-12-07T00:46:22.243+02:002017-12-07T00:46:22.243+02:00Excellent Article. Thank you for sharing.
I have...Excellent Article. Thank you for sharing. <br /><br />I have a tricky situation where I am not sure about the best practices and how to achieve best solution. I am using VS 2015 and deploying using Publish Profiles. Currently, I have multiple environments with their own profiles and web config transforms. Below are my questions:<br /><br />• In my main web.config I have my main connection strings which is encrypted (not sure if this should be encrypted or not). <br />• Should my web.production.config be encrypted in the solution? If yes, how do we apply transforms to encrypted connection strings as xdt:Locator="Match(name)" will not find anything to match in Cipher Value?<br />• If I want to change my connection string for multiple servers, how do I decrypt it? Do I need to decrypt it on each server?<br />• Is it a good practice to encrypt each environments (production, QA, staging etc..) connection string and keep it in the solution or not?<br /><br />Any examples for encryption for different connection strings are highly appreciated<br />Mihir-d champ is herehttps://www.blogger.com/profile/05176869872204072841noreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-30992569133318028792017-04-02T17:48:30.179+03:002017-04-02T17:48:30.179+03:00Thanks for sharing.Thanks for sharing.Anonymoushttps://www.blogger.com/profile/06177293653805525761noreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-62073783297420939622015-05-12T12:04:50.086+03:002015-05-12T12:04:50.086+03:00It's a very helpful article.It's a very helpful article.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-34300124865235257742015-03-18T15:21:42.022+02:002015-03-18T15:21:42.022+02:00Hello, it does not have sense to encrypt on local ...Hello, it does not have sense to encrypt on local and server machine. This encryption mechanism is used only to secure your production environment configuration. <br />If in some cases you need to use encryption on your local machine and server, you need to encrypt web.config separately for each machine. Every machine will have own RSA key due to security reasons.Rostyslav Yaremchukhttps://www.blogger.com/profile/03554485540947531622noreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-72800862153685111922015-03-12T15:52:29.588+02:002015-03-12T15:52:29.588+02:00HI,
My question is,
do we need to encrypt on the ...HI,<br /><br />My question is,<br />do we need to encrypt on the server or on our local machine.<br />If we encrypt on our local machine,how the server will be able decrypt as RSA keys are differ from machine to machine?<br /><br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-34017786486382189492014-10-02T21:56:19.482+03:002014-10-02T21:56:19.482+03:00Some suggestions for improvements:
1. Add the inst...Some suggestions for improvements:<br />1. Add the instruction about how to get the ApplicationPoolIdenity.<br />2. Add the use of "-site' parameter since a web app is not always put under the "Default Web Site".<br />3. Put all the commands into a batch file, so that it is easier to use.<br />Below is an example of batch file:<br /><br /> set pathToASPNET=C:\Windows\Microsoft.NET\Framework64\v4.0.30319<br /> cd %pathToASPNET%<br />:: To grant the ASP.NET identity read access to the default RSA key container<br /> aspnet_regiis -pa "NetFrameworkConfigurationKey" "NT AUTHORITY\NETWORK SERVICE"<br /> aspnet_regiis -pe "connectionStrings" -app "/yourApp" -site "YourWebSite"<br />:: -----------------------------------------------------------------------------<br />pause > nul<br /><br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-8744231271107935022014-08-04T19:16:08.258+03:002014-08-04T19:16:08.258+03:00Thanks for your article. That how i knew to use Rs...Thanks for your article. That how i knew to use RsaKey for my web application.<br />But there was one thing i could not understand: Why we need create a a Rsa Key, if we don't use this for encrypting and decrypting web.config sections?Anonymoushttps://www.blogger.com/profile/17436579192820712942noreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-66497261584371389962014-05-16T14:06:04.518+03:002014-05-16T14:06:04.518+03:00Very useful article.
Very useful article.<br /><br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-79868689635651858922014-02-11T11:24:44.245+02:002014-02-11T11:24:44.245+02:00Yes, you can use 4 for both,Yes, you can use 4 for both,Rostyslav Yaremchukhttps://www.blogger.com/profile/03554485540947531622noreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-84033926495137110152013-07-26T20:31:25.076+03:002013-07-26T20:31:25.076+03:00If i have a mixture of .net 2 and .net 4 applicati...If i have a mixture of .net 2 and .net 4 applications do i need to use the utility that is located in the correct .net version for each file or can i use version 4 for both or version 2 for both??Travishttps://www.blogger.com/profile/17666435907619193394noreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-17577181733700585952013-07-19T08:13:05.808+03:002013-07-19T08:13:05.808+03:00This is very good example of .net development abou...This is very good example of .net development about Encrypting and Decrypting Web.config Sections in .NET 4.0 platforms very easily and step by step method.<br />Elliott Buckleyhttp://aquilanunez.snappages.com/blog/2013/07/17/microsoft-asp-net-development-helps-bring-out-real-world-web-applications-in-documentation-timenoreply@blogger.comtag:blogger.com,1999:blog-7244391747483605318.post-30276059504235226862012-12-04T17:11:45.942+02:002012-12-04T17:11:45.942+02:00Good Post!!!Good Post!!!達Minghttps://www.blogger.com/profile/02737175640783400236noreply@blogger.com