Web Hosting - connection string on server

This article covers some basic steps and commands to encrypt your connection string and other items in a configuration file using ASP.NET 2.0. Microsoft has made it easier to have a portable key that encrypts certain sections in a web.config that are normally clear text. I have not found a quick how-to reference to allow for a scenario where the key is both on a local development machine along with being on a remote web server. Developers like to test out their code locally before publishing to production.
In our case, we have shared clients at ORCS Web that want to encrypt their information for added security. ASP.NET 2.0 makes this simple. I am not going to cover this topic and I am assuming you already know this. If not, several good articles explain the architecture, basic commands etc. This article covers the scenario of creating a key on a production server then exporting the keys to an XML file where the developer can import and use on their local machine. The web.config is encrypted on their local dev box as well as on the remote server using the same RSA key.

Links to articles covering encrypting connection strings:

Step 1 – Create the Key - this has to be executed on the remote server:

How to create a key locally on shared server. The example key is named ‘YourCustomKey’ (without quotes) this can be named anything. These are stored in C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys. Make sure the 'everyone' group has proper folder permissions to make this work

Step 2 - Add to container: (this command creates the key)

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis -pc "YourCustomKey" -exp

Step 3 - Added to web.config at the root of the folder for the website. This has to be there prior to encrypting. This would be placed in the configuration file: