加密部署.NET的配置文件 [英] Encrypting config files for deployment .NET

问题描述

我有一个从app.config读取的Windows服务

我想要一些设置被加密，但是，我不想使用ProtectedConfigurationProvider类在.NET中，因为他们基于使用DPAPI运行的机器加密文件。

我想要的是一种方式，我们的管理员部署已经加密的配置文件许多机器，并且每个机器在需要时解密它们。

我不想硬编码一个密码到程序集中，所以我不知道如何去

解决方案

也许您的中央服务器可以维护所有端点的私钥数据库，特定机器密钥。

所有机器的共享私钥不会安全。

I have a windows service that reads from app.config

I want some settings to be encrypted, however, I don't want to use the ProtectedConfigurationProvider classes provided in .NET because they encrypt files based on the machine they are running on using DPAPI.

What I wanted was a way for our administrator to deploy the config file already encrypted to many machines and have each machine decrypt them when needed.

I don't want to hardcode a password into the assembly either so I'm not sure how I can go about this.

解决方案

Perhaps your central server can maintains a database of the private keys for all the end points, then it could use the specific machine key for that.

A shared private key for all the machines is not going to be that secure.

这篇关于加密部署.NET的配置文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！