I have an MVC2.NET 4.0 application hosted on TFS 2008 (it will be TFS 2010 soon) that uses connection strings in web.configto connect to the database on another server. I need to encrypt these connection strings.
As I understand it, I can use aspnet_regiis.exepart of the file connection string for encryption web.config, but I have to do this on the deployment machine, because encryption uses the name of the machine to generate the encryption key.
Now it seems to me that this presents a problem: every time I deploy my code on the dev server, it does not overwrite the web.config file and needs re-encryption? Such a manual process seems empty.
As I understand it, I need to re-encrypt after proper deployment?
If so, is there a way to automate this process? I do not want to forget about it or get a new member of the team who does not know this process and has a connection string open to the world.
source
share