Tamper-proof configuration files in .NET?

We ship a .NET application with an associated configuration file. Our consultants create the configuration file during installation. We'd like to make it hard for the client to tamper with the configuration file.

What avenues do we have?

At the moment, I'm thinking about signing the configuration file with our private key and verifying it against the public key when the application starts. I'd then hide the public key in the EXE somewhere.

How might I go about doing this? Are there better ways to do this?

Note: I'm <strong>aware</strong> that this will <strong>not prevent</strong> a <strong>determined</strong> attacker. We're looking at closing off some of the easiest routes and moving the effort required into deliberate, rather than negligent, infringement.


This doesn't make any sense. You are shipping a configuration file. It's used for configuring the application. But you don't want it to be changed? So then it can't be used to configure the application. So, then why even bother with a configuration file? Why not just embed it as a resource in the application itself?

What am I missing?

Edit, to respond to your new information:

Use XMLDSIG. Sign the app.config. Verify the signature.


You can encrypt sections of your configuration file with the aspnet_regiis command line utility. It uses the DPAPI by default (I believe) but it can also support other encryption algorithms. So you can use this to encrypt your connection string or app setting sections of your file (or any other sections).


  • Update All Rows in DataBase with a hash value [closed]
  • Sign a XML file with .pfx certificate using PHP
  • SQLite HAVING comparison error
  • Get all stl vector elements greater than a value
  • @ngboostrap Bootstrap's JavaScript requires jQuery. jQuery must be included before Bootstrap�
  • Where to put clearQueue in jQuery code
  • How to get value of the slider, when touchend or mouseup events are used?
  • How can I merge my files when the folder structure has changed using Borland StarTeam?
  • change color of jstree node
  • Changing media screen makes div overlay
  • jquery code not working without breakpoint
  • Javascript/Jquery runs fast in desktop browsers, but slow in mobile/smartphone browsers…should I spl
  • Consuming a WCF service in a Java Client using wsHttpBinding
  • netsh acl setting (need alternative method - registry settings?)
  • KnockoutObservableArray with typed elements in TypeScript
  • aapt.exe'' finished with non-zero exit value 1
  • OSX - always hide certain files
  • Bash if statement with multiple conditions
  • Suppressing passwd when calling sqlplus from shell script
  • Code in Job's Script Block after Start-Process Does not Execute
  • why xml file does not aligned properly after append the string in beginning and end of the file usin
  • JQuery Internet Explorer and ajaxstop
  • Android full screen on only one activity?
  • Python CGI os.system causing malformed header
  • QLineEdit password safety
  • WinForms: two way TextBox problem
  • Validaiting emails with Net.Mail MailAddress
  • Running a C# exe file
  • Which linear programming package should I use for high numbers of constraints and “warm starts” [clo
  • Javascript + PHP Encryption with pidCrypt
  • Jquery - Jquery Wysiwyg return html as a string
  • WOWZA + RTMP + HTML5 Playback?
  • Confusion with PayPal's monthly billing cycle
  • JTable with a ScrollPane misbehaving
  • how does django model after text[] in postgresql [duplicate]
  • How to CLICK on IE download dialog box i.e.(Open, Save, Save As…)
  • How does Linux kernel interrupt the application?
  • unknown Exception android
  • failed to connect to specific WiFi in android programmatically
  • How can I use threading to 'tick' a timer to be accessed by other threads?