I need to encrypt sections of my web.config file for a client. Most of the references I've seen are to using aspnet_regiis to do the encryption. However, as far as I can see, this needs to happen on the web server which will host the site, which means the encrypted values will be different for each server. I don't have access to this client's servers. I found a passing reference to the possibility of encryping the web.config data in a way that is portable across servers, but haven't found any more detailed information. Does anyone know how to do this?
我需要加密我的网络部分。客户端配置文件。我看到的大多数引用都是使用aspnet_regiis进行加密。但是,据我所见,这需要在web服务器上进行,web服务器将托管站点,这意味着每个服务器的加密值都是不同的。我不能访问这个客户的服务器。我找到了对网络加密的可能性的一个顺便参考。配置数据在服务器上是可移植的,但是没有找到更详细的信息。有人知道怎么做吗?
1 个解决方案
#1
3
you need to encrypt it using RSA because with the RSAProtectedConfigurationProvider you could copy your key across server.
您需要使用RSA加密它,因为使用RSAProtectedConfigurationProvider,您可以跨服务器复制您的密钥。
Web Farm Scenarios
You can use RSA encryption in Web farms, because you can export RSA keys. You need to do this if you encrypt data in a Web.config file prior to deploying it to other servers in a Web farm. In this case, the private key required to decrypt the data must be exported and deployed to the other servers.Web Farm场景可以在Web Farm中使用RSA加密,因为可以导出RSA密钥。如果在Web中加密数据,就需要这样做。在将其部署到Web场中的其他服务器之前配置文件。在这种情况下,解密数据所需的私钥必须导出并部署到其他服务器。
Using the RSA Provider to Encrypt a Connection String in Web.config in a Web Farm
使用RSA提供程序加密Web中的连接字符串。在一个Web农场中配置。
To do this, you must create a custom RSA encryption key container and deploy the same key container on all servers in your Web farm. This won't work by default because the default RSA encryption key, "NetFrameworkConfigurationKey", is different for each computer.
为此,您必须创建一个自定义的RSA加密密钥容器,并在Web farm的所有服务器上部署相同的密钥容器。这在默认情况下无法工作,因为默认的RSA加密密钥“NetFrameworkConfigurationKey”对于每台计算机都是不同的。
So, scrool down to the "Web Farm Scenarios" section of the above link and follow the steps.
因此,请向下滚动到上面链接的“Web Farm scenario”部分,并遵循以下步骤。
#1
3
you need to encrypt it using RSA because with the RSAProtectedConfigurationProvider you could copy your key across server.
您需要使用RSA加密它,因为使用RSAProtectedConfigurationProvider,您可以跨服务器复制您的密钥。
Web Farm Scenarios
You can use RSA encryption in Web farms, because you can export RSA keys. You need to do this if you encrypt data in a Web.config file prior to deploying it to other servers in a Web farm. In this case, the private key required to decrypt the data must be exported and deployed to the other servers.Web Farm场景可以在Web Farm中使用RSA加密,因为可以导出RSA密钥。如果在Web中加密数据,就需要这样做。在将其部署到Web场中的其他服务器之前配置文件。在这种情况下,解密数据所需的私钥必须导出并部署到其他服务器。
Using the RSA Provider to Encrypt a Connection String in Web.config in a Web Farm
使用RSA提供程序加密Web中的连接字符串。在一个Web农场中配置。
To do this, you must create a custom RSA encryption key container and deploy the same key container on all servers in your Web farm. This won't work by default because the default RSA encryption key, "NetFrameworkConfigurationKey", is different for each computer.
为此,您必须创建一个自定义的RSA加密密钥容器,并在Web farm的所有服务器上部署相同的密钥容器。这在默认情况下无法工作,因为默认的RSA加密密钥“NetFrameworkConfigurationKey”对于每台计算机都是不同的。
So, scrool down to the "Web Farm Scenarios" section of the above link and follow the steps.
因此,请向下滚动到上面链接的“Web Farm scenario”部分,并遵循以下步骤。