I am going to implement encryption of my connection string in my app.config file for the first time.
This is the code I will be referencing from MSDN:
static void ToggleConfigEncryption(string exeConfigName)
{
// Takes the executable file name without the
// .config extension.
try
{
// Open the configuration file and retrieve
// the connectionStrings section.
Configuration config = ConfigurationManager.
OpenExeConfiguration(exeConfigName);
ConnectionStringsSection section =
config.GetSection("connectionStrings")
as ConnectionStringsSection;
if (section.SectionInformation.IsProtected)
{
// Remove encryption.
section.SectionInformation.UnprotectSection();
}
else
{
// Encrypt the section.
section.SectionInformation.ProtectSection(
"DataProtectionConfigurationProvider");
}
// Save the current configuration.
config.Save();
Console.WriteLine("Protected={0}",
section.SectionInformation.IsProtected);
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}My question is: Does this encrypt and decrypt the connection in the app.config.exe file each time the program is run? I am not exactly clear on how to use this. From my understanding I write my connection string into my app.config file located in my solution explorer then call this code on application load up and once it is in production the config file turns into a config.exe which is always encrypted from prying eyes? I am not sure how to connect saving the connection string during development to the encryption process.