Securing web.config and app.config in a web farm scenario programmatically

Question

This is my first post on this forum. I have a question in regards to securing connection strings in web.config and app.config for a solution I am working on. I have a web farm with a central node that's used to push out the solution to all the servers in the web farm, this is done using a batch script.

I would like to secure the connection strings in the web and app configs on all the solutions. I know that aspnet_regiis can only be used with web.configs so it's not an option and I built a small app that secures connection strings for web and app configs but it only runs on one machine, how can I programmatically secure web and app configs in a web farm scenario? I haven't tested it yet, because I imagine it will fail, but can I just copy the programmatically secured web.config and app.config to all the servers and it will...just...work?

Answer 1

It will work, provided you do have the same machineKey value set for each machine. You can set it in machine.config file in framework home directory.