加密用于部署 .NET 的配置文件 [英] Encrypting config files for deployment .NET
问题描述
我有一个从 app.config 读取的 Windows 服务
I have a windows service that reads from app.config
我希望对某些设置进行加密,但是,我不想使用 .NET 中提供的 ProtectedConfigurationProvider 类,因为它们使用 DPAPI 根据运行文件的机器对文件进行加密.
I want some settings to be encrypted, however, I don't want to use the ProtectedConfigurationProvider classes provided in .NET because they encrypt files based on the machine they are running on using DPAPI.
我想要的是一种方法,让我们的管理员可以将已经加密的配置文件部署到多台机器上,并在需要时让每台机器解密它们.
What I wanted was a way for our administrator to deploy the config file already encrypted to many machines and have each machine decrypt them when needed.
我也不想将密码硬编码到程序集中,所以我不知道我该怎么做.
I don't want to hardcode a password into the assembly either so I'm not sure how I can go about this.
推荐答案
也许您的中央服务器可以维护所有端点的私钥数据库,然后它可以为此使用特定的机器密钥.
Perhaps your central server can maintains a database of the private keys for all the end points, then it could use the specific machine key for that.
所有机器的共享私钥不会那么安全.
A shared private key for all the machines is not going to be that secure.
这篇关于加密用于部署 .NET 的配置文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!