The connection string within the web.config file contains sensitive information and you may not want to disclose this information to users where WealthWorks+ is installed. If WealthWorks+ is installed in a shared or hosted environment, it is possible to encrypt the connection string.
ASP.NET 4.0 provides functionality to encrypt few sections of web.config file. The task can be completed using Aspnet_regiis.exe. found in %windir%\Microsoft.NET\Framework\v4.0.30319
To encrypt the connection string sections of the web.config file follow these steps:
- From a command prompt, type following command:
aspnet_regiis.exe -pe “connectionStrings” -app “/WealthWorksPlus”
-pe indicates that the application is built as IIS based site.
The second argument is the name of configuration section needs to be encrypted. Third argument “-app” indicates virtual directory and last argument is the name of virtual directory where application is deployed. - You should receive a message as follows:- “Encrypting configuration section…Succeeded!”
Open your WealthWorks+ web.config file using Notepad to verify that the connection string is encrypted.
WealthWorks+ and the .NET framework will decrypt this connection string automatically.
To decrypt the configuration section in web.config file use following command:
- aspnet_regiis.exe -pd “connectionStrings” -app “/WealthWorksPlus”