Sharing an encrypted connection string across multiple applications in .NET
I'm looking for a way of encrypting a database connection string that will be shared across a number of different services and applications. These applications and services will run on the same machine, but this may (most likely) change in the future.
I've taken a look at开发者_如何学JAVA the functionality in .NET's System.Configuration namespace, and it doesn't quite do what I want. Unless I'm missing something very obvious, it allows me to encrypt the connection string but there doesn't appear to be a way to export the encryption keys so that I can share them across multiple machines. In fact, it isn't clear from the MSDN documentation whether I'll be able to share this encrypted data across multiple processes. It's probably worth noting here that this is not a ASP.NET web service, so I can't make use of the web.config file and aspnet_regiis.exe to perform key management. Or can I?
If there is no way of doing with with the System.Configuration classes, I'll most likely resort to storing the encrypted connection string in the registry and do my own key management. The ideal solution would be to avoid the registry and use .NET's System.Configuration facility.
You can use the same .config encryption functionality as available in ASP.NET, but you'll need to do it during the installation (or first time run) of your Windows app (I presume this is what you're asking for?)
See this article: http://social.msdn.microsoft.com/Forums/en/sqlsecurity/thread/c3a09697-a980-4351-8f40-155a9bcfc939
We ended up storing the encryption keys in the registry, and manually handling key management.
精彩评论