如何加密 web.config 中的一项
ASP.NET 4
我在 web.config 中对连接字符串使用了 RSA 密钥加密在我的网络农场上。不过,我还想加密一个自定义密码条目。我应该如何使用 RSA 密钥对其进行加密,而不加密其余配置。请指教,谢谢。
例子:
<appSettings>
...
<add key="Host" value="www.foo.com" />
<add key="Token" value="qwerqwre" />
<add key="AccountId" value="123" />
<add key="DepartmentId" value="456" />
<add key="Password" value="asdfasdf" />
<add key="SessionEmail" value="[email protected]" />
<add key="DefaultFolder" value="789" />
</appSettings>
ASP.NET 4
I've used RSA key encryption for connection strings in web.config on my web farm. However, there's one more custom password entry that I'd like to encrypt. How should I encrypt it with RSA key without having the rest configurations being encrypted. Please advise, thanks.
Example:
<appSettings>
...
<add key="Host" value="www.foo.com" />
<add key="Token" value="qwerqwre" />
<add key="AccountId" value="123" />
<add key="DepartmentId" value="456" />
<add key="Password" value="asdfasdf" />
<add key="SessionEmail" value="[email protected]" />
<add key="DefaultFolder" value="789" />
</appSettings>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您可以将密码放入单独的部分并仅加密该部分。例如:
然后(请注意,我在示例中使用 DPAPI,因此请调整 RSA 的提供程序):
加密后,文件将如下所示:
文件加密后,您在应用程序中访问这些设置的方式仍然是相同且完全透明:
You could put the password into a separate section and encrypt this section only. For example:
and then (note that I am using DPAPI in my example so adapt the provider for RSA):
Once encrypted the file will look like this:
The way you would access those settings in your application once the file is encrypted is still the same and completely transparent:
在 c# 和 .Net 4.5 中,我必须使用它来读取加密设置:
但在其他方面却很不错。
In c# and .Net 4.5 I had to use this to read the encrypted setting:
but otherwise works a treat.
您无法加密单个条目 - 基础设施仅允许加密整个配置部分。
一种选择是将条目放置在其自己的配置部分中并对其进行加密。
You can't encrypt a single entry - the infrastructure only allows for encryption of whole config sections.
One option is to place the entry in its own config section and encrypt that.