I got a request for how to do the encryption of the web.config but this time in VB, so I thought I'd post it here on the blog as well. The logic is about the same, although I found that in VB I had to add a line to the configuration to save the new settings. The code for this in vb.net (adding to the global.asax file in the "Session_Start" subroutine:
Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs) ' Code that runs when a new session is started EncryptSection("appSettings") End Sub Private Sub EncryptSection(ByVal sSection As String) Dim config As Configuration = System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration(Context.Request.ApplicationPath) Dim configSection As ConfigurationSection = config.GetSection(sSection) If configSection.SectionInformation.IsProtected = False Then configSection.SectionInformation.ProtectSection("DataProtectionConfigurationProvider") config.Save() End If End Sub
Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
' Code that runs when a new session is started
EncryptSection("appSettings")
End Sub
Private Sub EncryptSection(ByVal sSection As String)
Dim config As Configuration = System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration(Context.Request.ApplicationPath)
Dim configSection As ConfigurationSection = config.GetSection(sSection)
If configSection.SectionInformation.IsProtected = False Then
configSection.SectionInformation.ProtectSection("DataProtectionConfigurationProvider")
config.Save()
End If