如何以安全的方式加密web.config中的连接字符串? [英] How to encrypt connectionstring in web.config in a secure way ?
问题描述
我想在web.config中加密连接字符串,我希望没有人能够得到它!
使用aspnet_regiis.exe -pefconnectionStringsD:\ path进行加密时,所有人都可以使用此解密代码对其进行解密 - > ; aspnet_regiis.exe -pdfconnectionStringsD:\ path
如果我使用像RSA这样的自定义密钥...那么我应该写出密钥名称web.config ...以便应用程序可以在调试过程中自动解密它!
所以我认为如果一个人可以访问加密的web.config,那么他可以访问web.config和connectionstring以及用户名和密码到数据库。
,因为他可以用通常的命令解密它...... !!!
所以如何用密钥对它进行加密?! ?!?!?
请帮帮我!
谢谢..
I want to encrypt connectionstring in a web.config and I want that nobody can get it!
when encrypt it with "aspnet_regiis.exe -pef "connectionStrings" D:\path" , all of the people can decrypt it with this decryption code --> "aspnet_regiis.exe -pdf "connectionStrings" D:\path"
and if I use custom keys like RSA ...then I should write the key Name in web.config ...in order that the application can decrypt it automatically in debug process!
so I think that if a guy can reach the encrypted web.config , so he can reach the web.config and connectionstring and username and password to the database ..
because he can decrypt it with the usual commands ...!!!
so how can I encrypt it with secret Key?!?!?!?
please help me !
thanks..
推荐答案
首先,请参阅本概述中的此部分:配置概述:ASP.NET [ ^ ]。
-SA
To start with, please see this section in this overview: Configuration Overview: ASP.NET[^].
—SA
这篇关于如何以安全的方式加密web.config中的连接字符串?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!