I am going to encrypt connection string in web.config using aspnet_regiis.exe tool.
Not sure how connection string is decrypted on server so wana ask, if I encrypt on my development machine and deploy on server, will it work ? Or it should be encrypted on same machine where it is going to be executed ?
If you use aspnet_regiis.exe tool, then you will need to do it on each server separately, because the encryption is married to the server where the encryption key was generated. So the short answer is, if you do this method, no your DEV encryption key will not work when you deploy to other environments.
However, if you want to be able to encrypt on one server and deploy it to other servers re-using the same key, then you need to Encrypt Configuration Sections in ASP.NET 2.0 Using RSA. This works, because you can export RSA keys. This technique is especially useful in web farm scenarios (i.e. multiple front-end web servers).
