- Create a copy of your App.config called web.config. This is because the command line tool you will use to encrypt your settings will look for a web.config.
- Open the Developer Command Prompt for VS
- Enter the following command:
aspnet_regiis -pef [section to encrypt] [path containing web.config]
- Copy the contents of the web.config into the App.config.
It is best that you have a separate section from appSettings for your encrypted settings as this will mean you will be able to change plain-text settings e.g. API URLs or retry attempts, without having to go through the encryption process. To create this section your App.config before encryption could look as follows:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="EncryptedSettings"
type="System.Configuration.NameValueSectionHandler" />
</configSections>
<startup>
<supportedRuntime version="v4.0"
sku=".NETFramework,Version=v4.5" />
</startup>
<appSettings>
<add key="RetryAttempts" value="3" />
</appSettings>
<EncryptedSettings>
<add key="username" value="username" />
<add key="password" value="password" />
</EncryptedSettings>
</configuration>
If your web.config existed in your C:\Encryption directory, it could be encrypted using the command:
aspnet_regiis -pef "EncryptedSettings" C:\EncryptionThis section of the App.config can be accessed from the code as follows:
string devUrl = string.Empty;
var settings = ConfigurationManager.GetSection("EncryptedSettings")
as NameValueCollection;
var username = settings["username"];
