encrypting connection strings for network installed application

I have an application which is installed on a network share to be run
from one or more workstations. I have granted trust to the
applications on the workstations and the appropriate permissions on the
shared folder and the user's can execute the app with no problem.

I do have a problem, however, after the application starts. In the
application's .config file, the connectionStrings section of the file
is encrypted upon first run of the app (this is temporary). When
encrypted, the connectionStrings section can only be successfully
decrypted on the machine that first encrypted it. Other workstations
will not be able to run because they cannot decrypt the
connectionStrings section.

Here is the code used to encrypt the connectionStrings section of the
..config file:

//Encrypts the connectionStrings section of the .config file if
not already
static void ConfigEncryption()
{
string exeName = Assembly.GetExecutingAssembly().Location;

// Open the configuration file and retrieve
// the connectionStrings section.
Configuration config =
ConfigurationManager.OpenExeConfiguration(exeName);

ConnectionStringsSection section =
config.GetSection("connectionStrings") as ConnectionStringsSection;

//If the section is not already encrypted
if (!section.SectionInformation.IsProtected)
{
// Encrypt the section.

section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");

// Save the current configuration if we encrypted it
config.Save();
}
}

I believe my problem stems from the fact that when encrypted, the
encryption keys used are based on the machine that did the encrypting.
Other machines, because they do not have the keys, cannot decrypt the
connectionString. Somehow, I need to let the other workstations know
how to decrypt the connectionString section of the .config file.

Can anyone suggest any means to do what I want? What I want is the
following:

1. Be able to run the app from a network share from one or more
workstations.
2. Be able to encrypt the connectionStrings section of the .config
file.

Thanks for any information,

Chris

.

Relevant Pages

  • Re: encrypting connection strings for network installed application
    ... | applications on the workstations and the appropriate permissions on the ... | application's .config file, the connectionStrings section of the file ... Be able to encrypt the connectionStrings section of the .config ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Web.config or App.config Security
    ... I would be surprised if you could use Data Protection Provider from a Web ... If I understand it correctly, it uses DPAPI, but DPAPI (with ... .config file. ... > encrypt all my configurations files. ...
    (microsoft.public.dotnet.security)
  • Re: Encrypting/Decrypting Password from a Config File
    ... > I am looking for a way to encrypt a password in a configuration file ... > out in the open if someone were to look at the config file. ... > application would read encrypted password, decrypt the password back ... > // Create Encryption cipher ...
    (comp.lang.java.programmer)
  • Encrypting/Decrypting Password from a Config File
    ... I am looking for a way to encrypt a password in a configuration file ... out in the open if someone were to look at the config file. ... decrypt the password back ... String decryptedString = new String; ...
    (comp.lang.java.programmer)
  • Re: Help Encrypting Connection String
    ... but I have to do it on SQL Server instead of SQL ... If I'm retrieving the connection string in my own code, ... > in 2.0 you can encrypt nearly all config section out of the box using the ... >> the config file, but .NET 2.0 has more options. ...
    (microsoft.public.dotnet.framework.aspnet.security)