Jump to content
Sign in to follow this  
support

Encrypting and Decrypting the Web.config file

Recommended Posts

This forum post will show you how to encrypt and decrypt your web.config file.

 

A standard web.config file will be in clear text, and two important parts of this file are the "Connection String" section, and the "AppSettings" section.  The Connection String section holds the credentials that your Passwordstate website uses to connect to your database.  So it will contain the Server name, the Database name and database instance if it is applicable, and the SQL username and password.

 

The AppSettings section contains the:

  • Web Server Guid, which is a unique value based on your web server name
  • Two Secret Keys which are used to protect your website from being accessed if your database is stolen
  • The Set up Stage of your install
  • The Passive Node status of your website.

 

A clear text web.config file looks like this:

2019-05-15_12-31-43.png

 

An encrypted web.config file looks like this:

2019-05-15_12-34-50.png

 

As you can see, the encrypted web.config file is not readable, and this can protect your information in the event your web server has been compromised.

 

Encrypting your web.config file can be executed by the following process Section 10 of this Install Document:  https://www.clickstudios.com.au/downloads/version8/Installation_Instructions.pdf

 

Decrypting the web.config file must be carried out on the same server where it was encrypted, otherwise this process will not work.  This is part of the security and is built in to the operating system.  If you are migrating your Passwordstate website to a new server, it must be decrypted first on the old server, otherwise your website will not load. To decrypt your web.config file, please follow Section 11 in the same document:  https://www.clickstudios.com.au/downloads/version8/Installation_Instructions.pdf

 

If you have any more questions about this, please contact Click Studios support via email, and we'll help in any way we can.

 

Regards,

Support.

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×