加密的Web.Config [英] Encrypting Web.Config

问题描述

复制href="http://stackoverflow.com/questions/559995/encrypting-config-files-for-deployment-net">Encrypting配置文件用于部署.NET 和加密的配置文件进行部署

Duplicate of Encrypting config files for deployment .NET and Encrypting config files for deployment

---

什么是最好的方法和工具，在web.config文件加密的信息？

What is the best approach and tools for encrypting information in web.config file?

推荐答案

我相信有这样做的两种方式：

I believe there are two ways of doing this:

使用aspnet_regiis的使用 DPAPI 或的 RSA 或做它编程的。

using aspnet_regiis using DPAPI or RSA, or doing it programmatically.

该编程方法可以方便，特别是如果你也想加密的app.config。

The programmatic way can be handy, particularly if you also like to encrypt app.config.

这是我用这个经验，如果你写一个自定义配置部分，你必须安装含有类该节到GAC的DLL。对于一个项目，我的工作我基本上是照本宣科以下办法：

From my experiences of using this, if you write a custom configuration section, you have install the DLL containing the classes for that section into the GAC. For a project I was working I basically scripted the following approach:

• 复制配置DLL海关总署。
• 执行加密。
• 从GAC删除配置DLL。

机会是，如果你只是加密连接字符串，那么这将不会是一个问题。您还需要您是否要在机器范围内或以问责这两个选项一个特定的用户进行加密可以根据您的情况是有益的是铭记在心。为简单起见我坚持机广泛加密。我所提供的链接解释这两种方法的优点。

Chances are if you are just encrypting connection strings then this won't be a problem. You also need to be bear in mind whether you want to encrypt on a machine wide basis or to a specific user account- both options can be useful depending on your scenario. For simplicity I stuck to machine wide encryption. The links I have provided explain the merits of both approaches.

这篇关于加密的Web.Config的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！