encrypting web.config in web farm

Question

I want to encrypt the connectionstrings in my web.config. And my application will be deployed in web farm.

I tried reading some blogs about this, but got confused.

Can somebody tell me a link which they have really tried and got succeded.

Answer 1

You may have considered this, but if not: the RSAProtectedConfigurationProvider can use either machine-level or user-level keys to encrypt. The default is machine-level. This means you can't encrypt your web.config once and deploy it to every machine in your web farm. You must encrypt it on each machine since the key to encrypt and decrypt only exists on that machine.

You can get around this problem by using a user-level key or sharing a key across all web farm machines:

• Import/Export keys - http://msdn.microsoft.com/en-us/library/yxw286t2(VS.80).aspx
• Machine-level verus user-level key containers - http://msdn.microsoft.com/en-us/library/f5cs0acs(VS.80).aspx

Answer 2

We use the RSA Protected Configuration provider . That page isn't light reading, but it's got what you need.

I recommend the command like so (example from the article):

aspnet_regiis.exe -pef "connectionStrings" C:\\Projects\\MachineRSA

Answer 3

Before encrypting the connection strings, think about what you are trying to protect against by encrypting them. Your application will need access to the cleartext connection string in order and therefore will need access to the key. Therefore, an attacker who compromises your ASP.Net application will likely be able to steal the key and your protected connection string. So encryption is not really adding much benefit.

Instead of encryption, focus on how that file is handled by operations personnel and the file permissions that are applied in production. Only allow Read access to the ASP.Net worker pool account that your application runs as.