In a .NET 4.0 website, which web.config sections can be encrypted?
I read that not all sections can be encrypted, but I can't find anything detailing which sections can.
From the MSDN docs, it's clear that one can encrypt and decrypt a
web.config section using the
Aspnet_regiis.exe tool with the
–pe option and the name of the configuration element to be encrypted as long as the section is not one of these ones:
The following is a list of configuration sections that cannot be encrypted using protected configuration: processModel, runtime, mscorlib, startup, system.runtime.remoting, configProtectedData, satelliteassemblies, cryptographySettings, cryptoNameMapping, and cryptoClasses. It is recommended that you use other means of encrypting sensitive information, such as the ASP.NET Set Registry console application (Aspnet_setreg.exe) tool, to protect sensitive information in these configuration sections.
Here's what you need to encrypt all other possible sections: