在部署/发布后自动加密web.config的部分？ [英] Automatically encrypt sections of web.config after deploy / publish?

问题描述

我有两个相关的问题：

管理环境之间Web项目部署的最佳方法是什么？我刚刚下载了 .NET Web部署项目，它似乎可以处理诸如替换 web.config 的某些部分以匹配环境的工作，是很棒的。我想自动化的另一件事是 web.config 某些部分的加密。发布后是否可以通过任何方式自动加密 web.config 部分？

What is the best way to managing deployment of web projects between environments? I just downloaded the .NET Web Deployment Project and it seems to handle things like replacing certain sections of the web.config to match the environment, which is great. The other thing that I wanted to automate was the encryption of certain sections of the web.config. Is there any way to 'auto-encrypt' the web.config sections after a publish?

第二个问题是您将密码存储在 web.config 中的什么位置？我要加密密码，而不是 appSettings 的其余部分。我必须创建自定义的 web.config 配置设置区域吗？

The second question is where do you store your passwords in a web.config? I want to encrypt the password but not the rest of the appSettings. Do I have to make a custom web.config configuration setting area?

推荐答案

嘿Joel-Web部署项目现在有点陈旧-请改用MS Deploy工具（它将随vs2010一起提供，但现在可以独立使用）。 MSDeploy（特定于机器的DPAPI加密）可能无法立即解决您的要求，但是由于该工具已与powershell集成在一起，因此您可以使用powershell v2 CTP3远程处理功能来运行脚本来加密您的配置

Hey Joel - the web deployment project is a bit dated now - check out the MS Deploy tool instead (it will be shipping with vs2010, but it's available stand-alone now). What you're asking is probably not handled out of the box with MSDeploy (machine-specific DPAPI encryption), but since the tool is integrated with powershell, you can use the powershell v2 CTP3 remoting feature to run the script to encrypt your configs on each machine, remotely (which is the only way you can access machien-local DPAPI anyway.)

这里的人在做类似的事情：

This guy here does something similar:

http://forums.iis.net/p/1156413 /1904975.aspx

-Oisin

这篇关于在部署/发布后自动加密web.config的部分？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！