I am Joannes Vermorel, founder at Lokad. I am also an engineer from the Corps des Mines who initially graduated from the ENS.

I have been passionate about computer science, software matters and data mining for almost two decades. (RSS - ATOM)

« Tracking file downloads in Google Analytics AND Google Adwords | Main | Velib's from a software engineer viewpoint »

Crypt your config files with PowerShell 

ASP.Net 2.0 comes with a convenient native support for configuration file encryption. Yet, things are still not that easy for WinForms, Console applications or Windows Services since the aspnet_regiis.exe utility only supports Web Configuration files.

My own μISV has its share of distributed applications which involve securing a few connection strings over several machines. Securing the connection strings through encryption is not an ultimate defense (if the attacker gains executions rights on the local machine, connection strings will get disclosed anyway), but it can still save you a lot of trouble such as involuntary disclosure.


I have found a practical way to solve the issue through PowerShell (see the PowerShell team blog for regular tips), namely two functions crypt-config and decrypt-config. The source code comes as single PSH script contains the function definitions.

To get started, extract the PS1 file from the Zip archive, then

PS docs:\> . ($directory + "\crypt-config.ps1") ;

PS docs:\>crypt-config 'MyConsole.exe' 'section';

PS docs:\>decrypt-config 'MyConsole.exe' 'section';

Typically, section will be replaced by connectionStrings. Note that you do not need to add the .config at the end of the configuration file path.

References (1)

References allow you to track sources for this article, as well as articles that were written in response to this article.
  • Response
    Response: All satellite tv
    Hello everyone. This is a truly fantastic site, which I stumbled upon through google, I must say it has been a pleasure viewing this site and I am very happy that I found it, excellent content, keep up the good work and good luck. Help me! I can not find sites ...

Reader Comments (1)

Notes: if you are just interested in password encryption within PowerShell, just have a look at!13469C7B7CE6E911!273.entry

November 1, 2007 | Unregistered Commenterjoannes
Comments for this entry have been disabled. Additional comments may not be added to this entry at this time.