In previous versions of asp.net mvc we could (rsa) encrypt portions (ie, connection strings) of our configuration files using aspnet_regiis encrypt command.

Now stepping forward to asp.net core I can't figure out how to encrypt portions or protect sensitive information from being stored in clear text.

I see the Internet littered with posts about how to use Azure key vault but that doesn't help me... I don't run in Azure and I need our connection strings and other app secrets well... to be secret like they were in mvc 5.