Hello Developers,
I am working on scenario to encrypt sections of web.config (like ConnectionStrings) before deployment to the production environment.
There is a dedicated staging environment which produces deployment ready binaries. So the encryption of web.config sections needs to be done out side the production environment.
To accomplish this I am trying to use Asymmetric public key encryption using RsaProtectedConfigurationProvider and aspnet_regiis tool-
From Staging machine -
1) Create a RSA Key container on Production machine
2) Export only Public key of RSA key container
3) Import public key to Staging machine
4) Encrypt web.config sections using the exported public key on staging machine
5) Prepare deployment binaries and deploy on production
6) Granting Authority to Access an RSA Key Container on production
So basically its the standard way as ...
Go to the complete details ...