Click here to Skip to main content
Click here to Skip to main content
Technical Blog

Encrypt .Net Configuration file

, 25 Apr 2011 CPOL
Rate this:
Please Sign up or sign in to vote.
Under some scenarios the developers want to encrypt some sections inside app.config or web.config file, this article How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA describes how to do so clearly, Scott Guthrie also posted one: Encrypting Web.Config Values in ASP.NET 2.0.However, in

Under some scenarios the developers want to encrypt some sections inside app.config or web.config file, this article How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA describes how to do so clearly, Scott Guthrie also posted one: Encrypting Web.Config Values in ASP.NET 2.0.

However, in the posts above they uses aspnet_regiis.exe and seems it doesn’t directly support app.config, if we want to encrypt app.config for Windows Form or WPF applications, while I tried use it to encrypt my app.config file, it generates a web.config which means my Winform definitely can’t use it, even if I copy the encrypted appSettings section from this generated web.config to my own app.config(ConfigurationManager.AppSettings[EncryptedKeyName] is null after I did that).

Config Encrypt

Encrypted WebConfig

After several minutes google search and testing I found the code below is simple and very straight forward to achieve this:

Configuration config = ConfigurationManager.OpenExeConfiguration(
    ConfigurationUserLevel.None);

SectionInformation appSettingsSecInfo = config.GetSection(
   "appSettings").SectionInformation;
if (!appSettingsSecInfo.IsProtected)
{
    Console.WriteLine("The configuration file has NOT been protected!");

    // Encrypt this section by using security provider 
    // (RsaProtectedConfigurationProvider or DpapiProtectedConfigurationProvider).
    appSettingsSecInfo.ProtectSection("RsaProtectedConfigurationProvider");
    appSettingsSecInfo.ForceSave = true;

    config.Save(ConfigurationSaveMode.Full);
}

This code snippet will do the encryption job and works for both app.config/web.config, here is the MSDN definition page for SectionInformation.ProtectSection:
http://msdn.microsoft.com/en-us/library/system.configuration.sectioninformation.protectsection.aspx

References:

Overview of Protected Configuration: 

http://msdn.microsoft.com/en-us/library/hh8x3tas.aspx

RsaProtectedConfigurationProvider Class:
http://msdn.microsoft.com/en-us/library/system.configuration.rsaprotectedconfigurationprovider.aspx

DpapiProtectedConfigurationProvider Class:
http://msdn.microsoft.com/en-us/library/system.configuration.dpapiprotectedconfigurationprovider.aspx

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Wayne Ye
Software Developer (Senior) SAP Labs Shanghai
China China
Wayne is a software developer, Tech Lead and also a geek. He has more than 6 years' experience in Web development(server: ASP.NET (MVC), Web Service, IIS; Client: HTML/CSS/JavaScript/jQuery/AJAX), Windows development (Winform, Windows Service, WPF/Silverlight, Win32 API and WMI) and SQL Server. Deep understanding of GOF Design Patterns, S.O.L.i.D principle, MVC, MVVM, Domain Driven Design, SOA, REST and AOP.
 
Wayne's Geek Life http://WayneYe.com
 
Infinite passion on programming!
Follow on   Twitter

Comments and Discussions

 
QuestionDeploy encrypted config to other machines PinmemberMember 141997020-Jan-13 11:20 
GeneralMy vote of 4 PinmemberCrawfis29-Dec-11 6:41 
GeneralOriginal Reference PinmemberMEhran.NET3-May-11 0:17 
GeneralRe: Original Reference PinmemberWayne Ye4-May-11 2:17 
GeneralRe: Original Reference PinmemberCrawfis29-Dec-11 6:41 
GeneralMy vote of 1 PinmemberMEhran.NET3-May-11 0:14 
GeneralExcellent. PinmemberRene Pilon26-Apr-11 12:08 
GeneralRe: Excellent. PinmemberWayne Ye26-Apr-11 17:04 
GeneralMy vote of 5 PinmemberOshtri Deka26-Apr-11 4:24 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.1411022.1 | Last Updated 25 Apr 2011
Article Copyright 2011 by Wayne Ye
Everything else Copyright © CodeProject, 1999-2014
Layout: fixed | fluid