Sitefinity CMS enables you to encrypt sensitive data located in the system configurations. For example, you can encrypt passwords or secret keys. You configure encryption options per configuration section. The administrative backend UI (Administration -> Settings -> Advanced) exposes an option to encrypt settings, which are considered sensitive data. This functionality is available via the Show encryption options button, located in the upper right-hand corner of each configuration section, for example:
Clicking the button displays the persistence options for each applicable configuration setting:
Out of the box, Sitefinity CMS supports the following built-in options to persist configuration values:
NOTE: When retrieving a configuration setting value via the Sitefinity CMS Configurations API, you do not need to decrypt the value yourself - Sitefinity CMS will decrypt the value internally for you.
<appSettings>
You can customize the way Sitefinity CMS handles persistence of encrypted configuration settings. This is useful in cases where you want to use a different encryption algorithm for settings that are stored using the Encrypted persistence option, or if you want to specify different persistence location for settings where you have used the Link to App Setting option. For more information about the Sitefinity CMS configuration setting encryption options, see Encrypt sensitive data in configurations.
The default logic for encrypting configuration settings is implemented inside the SecretDataResolver class. To implement your custom logic, you must first add a new class that inherits from SecretDataResolver.
SecretDataResolver
The SecretDataResolver class exposes a Mode property, which helps Sitefinity CMS identify whether this resolver is used for working with configuration settings that are stored using one of the following modes:
Mode
In other words, you must implement a separate resolver for each of the modes and specify the Mode accordingly. You do this by overriding the Mode property in your custom class and returning either SecretDataMode.Encrypt or SecretDataMode.Link for its value.
SecretDataMode.Encrypt
SecretDataMode.Link
Once you have specified your resolver mode, you must override the GenerateKey and Resolve base methods. The implementation of these methods differs depending on the specified Mode:
GenerateKey
Resolve
pt
You register the custom resolver classes in the web.config file of your application. For example, to register the above demonstrated Encrypt and Link mode resolvers, modify the web.config in the following way:
web.config
As a result, the custom resolvers appear in the list of available configuration setting encryption options:
Increase your Sitefinity skills by signing up for our free trainings. Get Sitefinity-certified at Progress Education Community to boost your credentials.
This free lesson teaches administrators, marketers, and other business professionals how to use the Integration hub service to create automated workflows between Sitefinity and other business systems.
This free lesson teaches administrators the basics about protecting yor Sitefinity instance and its sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.
The free on-demand video course teaches developers how to use Sitefinity .NET Core and leverage its decoupled architecture and new way of coding against the platform.
To submit feedback, please update your cookie settings and allow the usage of Functional cookies.
Your feedback about this content is important