Encrypting Web.config Connection Strings

1. <?xml version="1.0"?>
2.  
3. <!--
4.  Use this as a template for when you need to update the encrypted connection strings in
5.  `ConnectinStrings.config`
6.  
7.  To encrypt the `connectionStrings` section:
8.  
9.    1. Make a copy of this file and rename it to `Web.config` temporary.
10.       (`aspnet_regiis.exe` only succeeds if you name it that.)
11.      
12.    2. Open a command prompt in the current directory.
13.    
14.    3. Run `C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe -pef "connectionStrings" "."`
15.    
16.    4. The `connectionStrings` section has now been encrypted in place.
17.    
18.    5. Rename the temporary `Web.config` file to `ConnectionStrings.config`
19.    
20.    6. In the newly created `ConnectionStrings.config`, make the `connectionStrings` section as the
21.       root element by removing `configuration` as the root element.
22.      
23.       You have to do this since `ConnectionStrings.config` is loaded into the application's root
24.       `Web.config` using `configSource`.
25.  
26.  To decrypt the `connectionStrings` section in place:
27.  
28.    1. Rename `ConnectionStrings` to `Web.config`
29.       (because `aspnet_regiis.exe` only succeeds if you name it that)
30.      
31.    2. Add a `<configuration>` tag and make it the root element enclosing `<connectionStrings>
32.       (again for `aspnet_regiis.exe`)
33.      
34.    3. Open a command prompt in the current directory.
35.    
36.    4. Run `C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe -pdf "connectionStrings" "."`
37.    
38.    5. The connection strings are now unencrypted.
39. -->
40. <configuration>
41.   <connectionStrings>
42.     <add name="ConnectionStringName" connectionString="Foo=bar;" />
43.   </connectionStrings>
44. </configuration>