Encrypting Security Rules (EL 2)

Topics: Security Application Block
Oct 11, 2007 at 2:51 PM
We are using EL 2 and have a requirement to encrypt the Security Application Block rules in app.config -- basically we're concerned about distributing an app to our customers with the security configuration in clear text.

Is there a best practice for this?
Oct 12, 2007 at 2:33 PM
Hi,

That's a valid concern. The .NET Framework 2.0 natively supports configuration encryption.

EntLib v2 does not provide tools to help you encrypt the configuration, but this MSDN article should get you started on how to do it manually http://msdn2.microsoft.com/en-us/library/zhhddkxy.aspx. Be aware that you will also have to distribute the key containers so the configuration can be decrypted; the MSDN article links other articles addressing that specific task.

Regards,
Fernando