This is my first post on this forum. I have a question in regards to securing connection strings in web.config and app.config for a solution I am working on. I have a web farm with a central node that's used to push out the solution to all the servers in
the web farm, this is done using a batch script.
I would like to secure the connection strings in the web and app configs on all the solutions. I know that aspnet_regiis can only be used with web.configs so it's not an option and I built a small app that secures connection strings for web and app configs
but it only runs on one machine, how can I programmatically secure web and app configs in a web farm scenario? I haven't tested it yet, because I imagine it will fail, but can I just copy the programmatically secured web.config and app.config to all the servers
and it will...just...work?
As for your concern about app.config not supported by aspnet_regiis, since you have control over the scripting code, why not just temporarily rename the app.config to web.config, do the encryption and then rename it back?
RamiAlhamad
0 Points
1 Post
Securing web.config in a web farm scenario programmatically
Apr 24, 2012 04:32 PM|LINK
Hello all,
This is my first post on this forum. I have a question in regards to securing connection strings in web.config and app.config for a solution I am working on. I have a web farm with a central node that's used to push out the solution to all the servers in the web farm, this is done using a batch script.
I would like to secure the connection strings in the web and app configs on all the solutions. I know that aspnet_regiis can only be used with web.configs so it's not an option and I built a small app that secures connection strings for web and app configs but it only runs on one machine, how can I programmatically secure web and app configs in a web farm scenario? I haven't tested it yet, because I imagine it will fail, but can I just copy the programmatically secured web.config and app.config to all the servers and it will...just...work?
jackyang
Contributor
5816 Points
782 Posts
Re: Securing web.config in a web farm scenario programmatically
Apr 25, 2012 01:30 AM|LINK
For a web farm environment, you need to use RSAProtectionProvider. DPAPI won't work well in this setup. See: http://msdn.microsoft.com/en-us/library/zhhddkxy.aspx
As for your concern about app.config not supported by aspnet_regiis, since you have control over the scripting code, why not just temporarily rename the app.config to web.config, do the encryption and then rename it back?
.NET Developer
ASP.NET/jQuery Spell Checker