[]
        
(Showing Draft Content)

Encrypt or Decrypt Connection Strings

In Wyn Enterprise, we use connection strings to connect to a database server. These connection strings are typically stored in the configuration file of the application. It means that the connection-specific information such as the server name, database name, username, password, etc. are stored in plain text in the configuration file. This provides attackers an easy access to highly sensitive data in the file.


In order to protect the sensitive data in the configuration file, we should encrypt the connection strings. This is the best way to secure the credentials and other important details in the configuration file. Refer to the below sections that describe the different ways to encrypt a connection string using the Wyn Enterprise installer and the console tool.

Using Installer

You can enable the option to encrypt the connection string during the Wyn Enterprise installation process as shown.

  • Windows

    enable-encrypt-database


  • Linux

    Encrypted Tool in Ubuntu Wyn Installer

Using Console Tool

You can manually encrypt or decrypt a connection string in the configuration file by using the console tool located here -

  • Windows - C:\Program Files\Wyn Enterprise\Tools\EncryptOrDecryptString

    Encryption Tool Directory

  • Linux - /opt/Wyn/Tools/EncryptOrDecryptString/

    Ubuntu Encryption Tool Directory

Note: The console tool is automatically installed during the Wyn Enterprise installation process.

The following steps describe how to encrypt the connection strings using the console tool in Windows.

  1. Open the Command Prompt.

  2. Enter the directory where the console tool is located, i.e. C:\Program Files\Wyn Enterprise\Tools\EncryptOrDecryptString to access eods.dll.


    Encryption Tool Directory

  3. Copy the unencrypted database connection string from the configuration file (i.e. Wyn.conf) located here - C:\Program Files\Wyn Enterprise\Monitor\conf. Note that the configuration file in Linux is located here - /opt/Wyn/Monitor/Wyn.conf.


    Encrypt String Example

  4. Run the following command to encrypt the connection string - dotnet eods.dll 0 ConnectionString where 'ConnectionString' refers to the unencrypted database connection string.


    Encryption Tool Directory

  5. Press the Enter key. The database connection string is now encrypted.


    Encryption Tool Directory

  6. Replace the string with the encrypted connection string, and then set the EnableEncryptedConnectionString node in the configuration file to 'True' as shown.


    Enable Encrypt String

  7. Restart the Wyn Services.

The changes are applied after the WynService is restarted.


The following steps describe how to decrypt the connection strings using the console tool in Windows.

  1. Open the Command Prompt.

  2. Enter the directory where the console tool is located, i.e. C:\Program Files\Wyn Enterprise\Tools\EncryptOrDecryptString to access eods.dll.


    Encryption Tool Directory

  3. Copy the encrypted database connection string from the configuration file (i.e. Wyn.conf) located here - C:\Program Files\Wyn Enterprise\Monitor\conf. Note that the configuration file in Linux is located here - /opt/Wyn/Monitor/Wyn.conf.

  4. Run the following command to decrypt the connection string- dotnet eods.dll 1 ConnectionString where 'ConnectionString' refers to the encrypted database connection string.


    Encryption Tool Directory

  5. Press the Enter key. The database connection string is now decrypted.


    Encryption Tool Directory

  6. Replace the string with the unencrypted connection string, and then set the EnableEncryptedConnectionString node in the configuration file to 'False' as shown.


    Enable Encrypt String

  7. Restart the Wyn Services.