To follow current industry practices and provide increased overall online application security, the 2.33.00 release of the SPIRIT WIC system allows the connection strings in the web.config (or machine.config) files used by the Vendor Online Application (VOA) and Vendor Online Price Survey (VOPS) application modules to be encrypted and decrypted using the .NET Framework Command Prompt tool.
|
NOTE: Before deploying new Vendor Online Application (VOA) or Vendor Online Price Survey (VOPS) software updates, be sure that no VOA or VOPS sessions are active in your environment. If sessions are active during the deployment process, the web.config files may reset back to their original decrypted state. If this occurs, complete the steps in the Encrypt the connectionStrings in web.config files tutorial again to re-encrypt the web.config files. |
The tutorials below provide instructions to encrypt and decrypt the connectionStrings section in the web.config (or machine.config) files used by the Vendor Online Application (VOA) and Vendor Online Price Survey (VOPS) application modules.
|
NOTE: The steps provided in this documentation are not intended for environments that use complex large load balanced or clustered IIS web farms. If your state’s environment uses a large load balanced or clustered IIS web farm, a shared or custom RSA key (or possibly even a custom provider) may be necessary to successfully encrypt the configuration files in your environment. Please see guidance on ASPNET_REGIIS switch options from Microsoft (or another preferred knowledge base) for more information about these advanced scenarios. |
Refer to the following tutorials for step-by-step instructions:
|
Software Version: 2.40.00
