web.config 加密/解密 正确版

一般加密方式：

利用Aspnet_regiis：

cd C:WindowsMicrosoft.NETFrameworkv4.0.30319

aspnet_regiis -pe "connectionStrings" -app "/WcfFileUploadService" -prov "DataProtectionConfigurationProvider"
aspnet_regiis -pef "connectionStrings" "D:FieldUploadServicesWcfFileUploadService" -–prov "DataProtectionConfigurationProvider"

 利用代码：

 Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);

            ConfigurationSection conSec = config.GetSection("connectionStrings");
            if (!conSec.SectionInformation.IsProtected)
            {
                conSec.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");// Protect (encrypt)the section.
                conSec.SectionInformation.ForceSave = true;// Save the encrypted section.
                config.Save();
                Response.Write("connectionStrings操作成功！");
            }

            ConfigurationSection identSec = config.GetSection("system.web/identity");
            if (!identSec.SectionInformation.IsProtected)
            {
                identSec.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
                identSec.SectionInformation.ForceSave = true;
                config.Save();
                Response.Write("system.web/identity操作成功！");
            }

Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
            
            ConfigurationSection section = config.GetSection("connectionStrings");//加密节点名称 appSettings、connectionStrings 、system.web/identity
            if (section.SectionInformation.IsProtected)
            {
                section.SectionInformation.UnprotectSection();
                config.Save();
                Response.Write("connectionStrings操作成功！");
            }

            ConfigurationSection identSec = config.GetSection("system.web/identity");
            if (identSec.SectionInformation.IsProtected)
            {
                identSec.SectionInformation.UnprotectSection();
                config.Save();
                Response.Write("system.web/identity操作成功！");
            }

RSA加密方式：
//RSA Encryption
aspnet_regiis -pc "MyKeys" -exp
aspnet_regiis -pa "MyKeys" "domainusername"
aspnet_regiis -pa "MyKeys" "NT AUTHORITYNETWORK"
aspnet_regiis -pa "MyKeys" "IIS APPPOOLDefaultAppPool" -full

<configProtectedData>
<providers>
<add name="MyProvider" type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" keyContainerName="MyKeys" useMachineContainer="true" />
</providers>
</configProtectedData>

aspnet_regiis -pe "connectionStrings" -app "/WcfFileUploadService" -prov "MyProvider"
aspnet_regiis -pe "system.web/identity" -app "/WcfFileUploadService" -prov "MyProvider"

//Decryption
aspnet_regiis -pz "MyKeys"
aspnet_regiis -pd "connectionStrings" -app "/WcfFileUploadService"
aspnet_regiis -pd "system.web/identity" -app "/WcfFileUploadService"

如果对Identity加密,web.config将报错,需加：

  <system.webServer>
    <validation validateIntegratedModeConfiguration="false" />
  </system.webServer>