I'm working with Visual Studio 2008 Pro SP1, .Net 3.5 SP1, on Windows XP box.
I have created a Windows application that will be distributed to multiple users over the Internet, well at least that was the plan, until I realized my app.config file exposes the connectionString information to anyone to see.
I had been trying to follow a solution, provided by Steven Cheng, from a 07/2006 question asked on this forum titled "Encryption of application configuration block", which suggested using aspnet_regiis to create a custom RSA key that is supposed to allow me to encrypt my app.config on my development box; and provide a means to include a decryption routine within my deployment package.
To be honest, I'm not getting it??? First of all, creating the RSA key is anything but simple. For example, when I run the aspnet_regiis command as stated in the Microsoft documentation, http://msdn.microsoft.com/en-us/library/2w117ede.aspx, the Help screen scrolls by, as if my command syntax is wrong??
Secondly, this particular document is approaching the question as if I were working with an ASP.Net application as opposed to a Windows Form app.
All I want is to figure out how to encrypt the connectionString section of the app.config file; and figure out how to decrypt the connectionString section (on-the-fly) when a user uses my application on their computer.
I would really appreciate step-by-step guidance in resolving this problem.
Thanks in advance