0

DNN 8 appears to have an encrypted connection string to access its database:

<connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
  <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
      <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
        <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
          <KeyName>Rsa Key</KeyName>
        </KeyInfo>
        <CipherData>
          <CipherValue>MINjgIFInXezSIMnkeV2AoPfb69wdpXKG89QUv2IHlPwwsEg5VZjWWOx+Cf/xXzFhrPQV3QINry5WYq/KCBnsfIHfQHJSzzVtqkXB/OX2/oDSHZc7lRVIExNdHCkmSmyRneZP5hJEN6qm6RTHncJbmPLk7zO2D7om5SyfJ48bzo=</CipherValue>
        </CipherData>
      </EncryptedKey>
    </KeyInfo>
    <CipherData>
      <CipherValue>JRI+aV/tS2D0Xf3bDV2MJIqj6m0csfxF3KzRse4ij/H77NZSlP8BfHlfYk6Iw1jtbE2T2BZc7wjDj7CqFbqqRRUQMQE41XlP9VQQU/uIxR6R7AafCgTiE/iUUlACEvweRPw2y8p+vGF4zpzUS67OGb3tZgA6kUrg0piJLSWJvXvsZ/MFUMZy6OFljKQGKVTnsd94CUKonf0NmpuuSYSVKsbuPxZzQ4H1wg+H4vFkbOUJSjv13J0ioRtFOpPdugtPW/FdDAS+Y4hGfGUrpqXT6604+JuJc53/yAVsXDvzHWQ=</CipherValue>
    </CipherData>
  </EncryptedData>
</connectionStrings>

I would like to add another connection string to a separate database that I need to access while developing custom modules. How do I add an unencrypted connection string or, how do I encrypt the additional connection string and add it to the web.config?

VDWWD
  • 35,079
  • 22
  • 62
  • 79
BKahuna
  • 601
  • 2
  • 11
  • 23
  • FYI I don't think DNN encrypts those out of the box, of my hundreds of DNN installs I've never seen it without manually doing it. – Chris Hammond Feb 16 '17 at 02:15
  • I'd never seen it before either. But I'd never installed version 8 before. I'm certain I didn't encrypt it! – BKahuna Feb 17 '17 at 20:26

2 Answers2

1

Solved it. You have to decrypt the connectionString section of the web.config then you can add additional connection strings. You can re-encrypt if you like after that (or leave it as is). To decrypt:

Install the .NET SDK on the web server

Call up an elevated command prompt

Enter: aspnet_regiis -pdf "connectionStrings" "path to folder containing web.config"

If all goes well, this will decrypt your connection string

BKahuna
  • 601
  • 2
  • 11
  • 23
0

In the web.config file, simply go to the connectionStrings node and add a new record there. Here's a sample (you wouldn't need to add the connectionStrings node, just insert your new record before the ending node.

  <connectionStrings>
    <add name="NewSQLConnection" connectionString="Data Source=ServerName;Initial Catalog=DatabaseName;User ID=DatabaseUser;Password=DataBasePassword" providerName="System.Data.SqlClient" />
  </connectionStrings>
Chris Hammond
  • 8,873
  • 1
  • 26
  • 34
  • Thanks but I'm afraid it isn't that easy. My configurationstrings are encrypted and you can't just add an unencrypted record to the node. It throws an error about a malformed web.config if you do so (The section is marked as being protected...). – BKahuna Feb 15 '17 at 23:50