locked
Securing web.config for multiple machines. RRS feed

  • Question

  • User1052662409 posted

    HI All,

    I  want to secure my web config file i.e. I am implementing encryption and description for my web config.

    I gone through many articles like using aspnet_regiis.exe you can secure your webconfig and it is working also. Bit it works for a single machine.

    I need a single solution so that It could work on multiple machines. I dont want to run aspnet_regiis.exe on every machines.

    Please suggest. 

    Wednesday, June 20, 2018 5:44 AM

Answers

  • User283571144 posted

    Hi demoninside9,

    According to this article, you could find the aspnet_regiis could use the machine key to encrypt the web config.

    So if all the machine use the same machine key, it will work well.

    Besides, you could create RSA to encrypt the web config.

    It could also work well with different machine in the server farm.

    More details, you could refer to below article.

    https://www.codeproject.com/Tips/877258/How-to-Encrypt-Web-config-Using-aspnet-regiis-exe 

    Best Regards,

    Brando

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, June 21, 2018 7:24 AM

All replies

  • User753101303 posted

    Hi,

    I assume it should work if you have the same key on all machines. Is this acceptable ? Another option would be to move sensitive values ouf the web.config file maybe? You are using a connection string with a db user name and password ?

    Wednesday, June 20, 2018 8:04 AM
  • User1052662409 posted

    I assume it should work if you have the same key on all machines.

    Sir, is there any reference or solution?

    Wednesday, June 20, 2018 9:54 AM
  • User283571144 posted

    Hi demoninside9,

    According to this article, you could find the aspnet_regiis could use the machine key to encrypt the web config.

    So if all the machine use the same machine key, it will work well.

    Besides, you could create RSA to encrypt the web config.

    It could also work well with different machine in the server farm.

    More details, you could refer to below article.

    https://www.codeproject.com/Tips/877258/How-to-Encrypt-Web-config-Using-aspnet-regiis-exe 

    Best Regards,

    Brando

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, June 21, 2018 7:24 AM
  • User533502567 posted

    demoninside9

    PatriceSc

    I assume it should work if you have the same key on all machines.

    Sir, is there any reference or solution?

    You can set same machinekey in machine.config file  (.net framework directory)

    Saturday, June 23, 2018 8:45 PM