About .NET Core / C# / Linux / Windows / CSS / HTML / Security and everything else…….
Encrypting / decrypting web.config sections
Determine the identity of your ASP.NET application. In most situations this will be the “NT AUTHORITYNETWORK SERVICE” account.
Grant the account determined in step 1 access to the machine-level RSA key container: aspnet_regiis -pa "NetFrameworkConfigurationKey" "NT AUTHORITYNETWORK SERVICE"
To encrypt your appSettings section execute the following command: aspnet_regiis -pe "appSettings" -app "/Site"
appSettings is casesensitive and /Site point to the virtual folder where your web.config is stored.
To decrypt the web.config section execute the following command: aspnet_regiis–pd "appSettings" –app "/Site"
Retrieving your encrypted settings can be done with the ConfigurationManager:
string username = ConfigurationManager.AppSettings["username"].ToString();