There are two methods of securing a key (actually one, but they head in different directions past the initial firing off of the tool).
- Use DPAPI and the machine's actual key. This is, in some ways, more secure, as nobody knows the key. It is also painful to export the key so you can put it on other machines in a farm. The only other way around is to have to maintain individual connection strings for each server in the farm. This CAN be done, but it is very kludgy. If you go this route, separate out connection strings from the config file so you can still update config on all servers but not whack the connection strings. Come to think of it, that is a good idea anyway.
- Set up a customized machine key (Google as there are generators out there that can create the key) and then supply that in the config file. You can then easily share keys.
Hope this helps.
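
The DPAPI route with connection strings split out of the shared config file could look like this; it is an added example, not part of the original answer. It assumes the tool meant is `aspnet_regiis.exe` from 64-bit .NET Framework 4.x and the DPAPI option is the `DataProtectionConfigurationProvider`; the site folder and file names are hypothetical.

```powershell
# Added example: run once on EACH server in the farm, elevated.
# Assumed layout (hypothetical names):
#   web.config               shared, deployed to every server, contains only
#                            <connectionStrings configSource="connectionStrings.config" />
#   connectionStrings.config per server, excluded from deployment, holds the
#                            real <connectionStrings> section.
$ErrorActionPreference = 'Stop'

$site     = 'C:\inetpub\wwwroot\MyApp'   # hypothetical site folder
$provider = 'DataProtectionConfigurationProvider'
# Assumed install path for 64-bit .NET Framework 4.x
$regiis   = Join-Path $env:windir 'Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe'

# 1. Confirm web.config points to an external file instead of holding secrets.
[xml]$web = Get-Content -LiteralPath (Join-Path $site 'web.config') -Raw
$section  = $web.SelectSingleNode('/configuration/connectionStrings')
if ($null -eq $section -or -not $section.GetAttribute('configSource')) {
    throw 'web.config must reference the connection strings through configSource.'
}
if ($section.HasChildNodes) {
    throw 'web.config still contains inline connection strings; move them out first.'
}

$external = Join-Path $site $section.GetAttribute('configSource')
if (-not (Test-Path -LiteralPath $external)) {
    throw "Per-server file not found: $external"
}

# 2. Encrypt the section with this machine's DPAPI key. Because the section
#    uses configSource, the ciphertext is written to the external file and
#    web.config stays identical across the farm.
& $regiis -pef 'connectionStrings' $site -prov $provider
if ($LASTEXITCODE -ne 0) { throw "aspnet_regiis failed with exit code $LASTEXITCODE" }

# 3. Verify the result: the external file must now name the protection
#    provider and must no longer contain cleartext <add> entries.
[xml]$ext = Get-Content -LiteralPath $external -Raw
$root = $ext.DocumentElement
if ($root.GetAttribute('configProtectionProvider') -ne $provider) {
    throw 'Section was not encrypted with the expected provider.'
}
if ($root.SelectNodes('add').Count -gt 0) {
    throw 'Cleartext connection strings are still present.'
}
Write-Host "Encrypted $external with the local machine key."
```

The encrypted file can only be read on the server that produced it, so exclude `connectionStrings.config` from whatever copies `web.config` across the farm.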