At the moment I am storing my connection strings in my app.config file in plain text. Bad practice, I know, and I am trying to encrypt them instead. I've referred to https://msdn.microsoft.com/en-us/library/ms254494(v=vs.110).aspx and haven't had an issue with getting the app.config part working on my machine.
My connection strings now look like this (I've left the cipher value out);
<connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue></CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>
My issue is when I come to use this on another machine. As the config file they are using has come from my machine, only my machine can decrypt the connectionstrings.
I cannot see past this and come up with a solution that allows the users machine to encrypt the config file without having an unencrypted version on their machine first.
Is there a solution that allows the users to encrypt the file themselves?
Related
I am preparing a single tool(web application) using which i should be able to change web.config file of various web applications hosted on different web servers.
I tried using WebConfigurationManager.OpenWebConfiguration(strings), but it takes only relative path but if i put shared location of different web servers web.config files, it fails.
MSDN ref:
https://msdn.microsoft.com/en-us/library/ms151456(v=vs.110).aspx
I think, in my case i will not be able to use WebConfigurationManager.OpenWebConfiguration.
Only option is XDocument.
Please suggest.
In past projects, I have used base and transform files with success: https://msdn.microsoft.com/en-us/library/vstudio/dd465318(v=vs.100).aspx.
As an example, we have a connection string in our web.config.base file like:
...
<connectionStrings>
<!-- Connection String Changes will be lost when this file is
regenerated - Please edit your transform file instead -->
<add
name="MainConnectionString"
connectionString="(default connection string)" />
and an entry in a web.config.transform file that looks like:
<connectionStrings>
<add name="MainConnectionString"
connectionString="(system-specific connection string)"
xdt:Transform="Replace"
xdt:Locator="Match(name)"
/>
The the web.config file is recreated when the application builds, with whatever connection string is defined in the local transform file replacing the default string. The web.config.base file is committed to our versioning system, while the transform is not.
So devs can have one transform file to connect to their local db's, qa servers have a different transform file, and demo servers have a different set again, all with a minimum of fuss, because most settings are kept in the web.config.base file, which is passed around with the repository, and only the connection string changes have to be maintained from one environment to the next.
We have recently hired new developers. Until now, we only have one developer who was committing all his changes on Visual SVN. But after new developers are hired, we are concerned about the security of our SQL credentials that reside in the web.config.
We either want (Not Prefered) to exclude web.config from the SVN and have all developers include their own version of web.config, which contains their SQL Connection string of the test machine. But we really don't need that. We want to have a class handle our sql connection string. That class should be designed in such a way that only the authorized computer should be able to connect to the production Sql server.
How does other teams tackle such an issue? can somebody help please?
You can store your connection strings in a seperate config file. You can use the configSource property to reference that file. That way, all developers will have their own connection strings. You add that specific file to the SVN ignore list, so it won't be sent to the SVN server when a commit is made.
<connectionStrings configSource="Config\connectionStrings.config"/>
Here's an example for the connectionStrings.config file:
<?xml version="1.0"?>
<connectionStrings>
<add name="Name"
providerName="System.Data.ProviderName"
connectionString="Valid Connection String;" />
</connectionStrings>
There should be nothing else in the file. Just the <connectionStrings>...</connectionStrings> content. Also, check the MSDN documentation to see how the configSource attribute should be used.
If I am encrypting the connection string section, anyone who has the web.config can reDecrypt the information.
There is no password key which is known only to me or something similar....
What's the idea here?? Anyone who will have that web.config with VS, will be able to decipher the info...
I dont get the idea...
You wrongly assume that anyone can decrypt the web.config. Once the config file section is encrypted, it can only be decrypted on the same machine (or the machine that has got the same key - this is for web farming).
Usually, it is fairly easy to download the actual web.config remotely (through vulnerabilities). But the malicious user will not have your key and will not be able to decrypt the file (or sections with sensitive data).
The point here is you have got to trust your site hoster, that is the sensitive key will not be distributed.
You can specify the encryption provider, but the default is the RSA provider. There is a key used, but it is 'secret'. So someone would need a privileges to run applications on your server, or unrestricted access to the file system in order to unencrypt your web.config.
This (especially step 2) talks about it:
http://msdn2.microsoft.com/en-us/library/ms998283.aspx
I don't know whether aspnet_regiis.exe tool uses keys to encrypt or decrypt web.config. But
If it stores in the web.config then It would be decrypted by anyone who has aspnet_regiis utlility installed but If it is stored in machine.config or in .Net Framework folder of the computer than It would not be decrypted by anyone.
I want to encrypt the password in connection string. When I make a connection to DB the connection string is openly stored in App.config and I need to find a way to keep only password encrypted.
Lets say this is your connection string:
<connectionStrings>
<add name="cs" connectionString="Data Source=myServerAddress;Initial Catalog=myDataBase;User Id=myUsername;Password=XXSDFASFDKSFJDKLJFDWERIODFSDFHSDJHKJNFJKSD;"/>
</connectionStrings>
Then you can do something like this:
string myCs = System.Configuration.ConfigurationManager.ConnectionStrings["cs"].ConnectionString;
System.Data.SqlClient.SqlConnectionStringBuilder csb = new System.Data.SqlClient.SqlConnectionStringBuilder(myCs);
csb.Password = EncDecHelper.Decrypt(csb.Password);
myCs = csb.ToString();
You can write EncDecHelper.Decrypt by using samples from here: Encrypt and decrypt a string
Use the connectionStrings configuration section and encrypt the whole section - instead of just the password.
This is safer as your app config will no longer have the server names and user names in plain text either.
There are how-to documents for encrypting configuration sections on MSDN for RSA or DPAPI.
Maybe decrypt connection string from your config before application was loaded.
As an addition to the other answers, isn't it better to use the file in Source Control as a template, with just dev/test encrypted connection strings so that it works in dev/test.
For production (or other environments the app is deployed to), the encrypted credentials file is generated separately to the specified template format, managed/updated/deployed separately, has appropriate security permissions applied, never seen by anyone other than DBA/DevOps.
Please share your thoughts if there is any way to encrypt app.config section with out changing code? I know that we can use aspnet_regiis.exe to encrypt the web.config file.
I came across some blogs to rename app.config to web.config and run aspnet_regiis -pef command. I am able to create an encrypted version of app.config file but application failed to read the keys from encrypted app.config. so this approach didnt work for me.
Many thanks
What about this way? Are you able to do that?
Encrypt your connection strings and stored procedure names in app.config. (Use like tripleDes)
Store your encrypted values in app.config.(like: ConnectionString="asdasfasfasfdsdgsdfa")
After reading value from app.config, decrypt it with your service and use.
by the way I found my old answer about ready to use Crypto Class :)
.NET: what are my options for decrypting a password in my project .setting file