Comments on: Encrypting web.config http://jtoee.com/2008/02/encrypting-webconfig/ Putting the >O< in technology Thu, 04 Mar 2010 15:21:07 +0000 http://wordpress.org/?v=2.9.1 hourly 1 By: Ravi http://jtoee.com/2008/02/encrypting-webconfig/comment-page-1/#comment-1061 Ravi Fri, 04 Dec 2009 21:24:52 +0000 http://jtoee.com/wordpress/?p=41#comment-1061 aspnet_regiis creats a new key pair if you try to import just the Public key .. aspnet_regiis creats a new key pair if you try to import just the Public key ..

]]> By: Scott Holodak http://jtoee.com/2008/02/encrypting-webconfig/comment-page-1/#comment-30 Scott Holodak Tue, 06 Jan 2009 23:47:49 +0000 http://jtoee.com/wordpress/?p=41#comment-30 One small (but important) change: C:\app> aspnet_regiis -px MyCustomContainer mykeys.xml -pri The -pri argument tells the machine that created the key store to also export the private key to the xml file. Without it, you only export the public key. Your procedure for importing and authorizing users remain the same. aspnet_regiis will allow you to import just the public key, but you would only be able to use it to encrypt sections (not decrypt). If you encrypted your connection strings on the first server and installed just the public key on all the others, only the first server would be able to connect to the DB. The rest wouldn't be able to parse the config. One small (but important) change:
C:\app> aspnet_regiis -px MyCustomContainer mykeys.xml -pri

The -pri argument tells the machine that created the key store to also export the private key to the xml file. Without it, you only export the public key. Your procedure for importing and authorizing users remain the same.

aspnet_regiis will allow you to import just the public key, but you would only be able to use it to encrypt sections (not decrypt). If you encrypted your connection strings on the first server and installed just the public key on all the others, only the first server would be able to connect to the DB. The rest wouldn’t be able to parse the config.

]]> By: links for 2008-07-23 « Praveen’s Blog http://jtoee.com/2008/02/encrypting-webconfig/comment-page-1/#comment-6 links for 2008-07-23 « Praveen’s Blog Wed, 23 Jul 2008 10:48:22 +0000 http://jtoee.com/wordpress/?p=41#comment-6 [...] Jochen Toppe’s Blog » Encrypting web.config [...] [...] Jochen Toppe’s Blog » Encrypting web.config [...]

]]>