The connection string within the web.config file contains sensitive information and you may not want to disclose this information to users where WealthWorks+ is installed. If WealthWorks+ is installed in a shared or hosted environment, it’s possible to encrypt the connection string.
ASP.NET 4.0 provides functionality to encrypt few sections of web.config file. The task can be completed using Aspnet_regiis.exe. found in %windir%\Microsoft.NET\Framework\v4.0.30319
To encrypt the connection string sections of the web.config file follow these steps:-
- From a command prompt, type following command:-
aspnet_regiis.exe -pe “connectionStrings” -app “/WealthWorksPlus”
-pe indicates that the application is built as IIS based site.
The second argument is the name of configuration section needs to be encrypted. Third argument “-app” indicates virtual directory and last argument is the name of virtual directory where application is deployed. - You should receive a message as follows:- “Encrypting configuration section…Succeeded!”
Open your WealthWorks+ web.config file using notepad to verify that connection string is encrypted.
WealthWorks+ and the .NET framework will decrypt this connection string automatically.
To decrypt the configuration section in web.config file use following command:-
- aspnet_regiis.exe -pd “connectionStrings” -app “/WealthWorksPlus”