Encrypting sections in configuration files

You can face a problem with your connection strings or other confidential and critical information is stored in configuration file when hosting web site or distributing application to clients.

You have many solution options in this case like using SSO, SSS, store encrypted data in a database. But these methods are time consuming and sometime expensive.

The solution I can offer is to encrypt data in configuration file using System.Configuration library from .NET

Add reference to System.Configuration to your project
and run this code once
// Get the current configuration file.
System.Configuration.Configuration config =

// Get the section.
ConfigurationSection section =
// Protect (encrypt)the section.

// Save the encrypted section.
section.SectionInformation.ForceSave = true;


You will need to add also using System.Configuration;
this code will encrypt your Connection Strings in configuration section.
The great part of this method is the encryption is transparent, you will not need to decrypt Connection Strings each you need to use them.


Popular posts from this blog

Testing Azure Functions locally with automated integration test

Running Stockfish hosted in Azure function

Consuming Web API using JavaScript and XMLHttpRequest method