web.config 加密/解密 正确版

一般加密方式:

利用Aspnet_regiis:

cd C:\Windows\Microsoft.NET\Framework\v4.0.30319

aspnet_regiis -pe "connectionStrings" -app "/WcfFileUploadService" -prov "DataProtectionConfigurationProvider"
aspnet_regiis -pef "connectionStrings" "D:\FieldUploadServices\WcfFileUploadService" -–prov "DataProtectionConfigurationProvider"

 利用代码:

 

 Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);

            ConfigurationSection conSec = config.GetSection("connectionStrings");
            if (!conSec.SectionInformation.IsProtected)
            {
                conSec.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");// Protect (encrypt)the section.
                conSec.SectionInformation.ForceSave = true;// Save the encrypted section.
                config.Save();
                Response.Write("connectionStrings操作成功!");
            }

            ConfigurationSection identSec = config.GetSection("system.web/identity");
            if (!identSec.SectionInformation.IsProtected)
            {
                identSec.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
                identSec.SectionInformation.ForceSave = true;
                config.Save();
                Response.Write("system.web/identity操作成功!");
            }
Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
            
            ConfigurationSection section = config.GetSection("connectionStrings");//加密节点名称 appSettings、connectionStrings 、system.web/identity
            if (section.SectionInformation.IsProtected)
            {
                section.SectionInformation.UnprotectSection();
                config.Save();
                Response.Write("connectionStrings操作成功!");
            }

            ConfigurationSection identSec = config.GetSection("system.web/identity");
            if (identSec.SectionInformation.IsProtected)
            {
                identSec.SectionInformation.UnprotectSection();
                config.Save();
                Response.Write("system.web/identity操作成功!");
            }

 

RSA加密方式:
//RSA Encryption
aspnet_regiis -pc "MyKeys" -exp
aspnet_regiis -pa "MyKeys" "domain\username"
aspnet_regiis -pa "MyKeys" "NT AUTHORITY\NETWORK"
aspnet_regiis -pa "MyKeys" "IIS APPPOOL\DefaultAppPool" -full

<configProtectedData>
<providers>
<add name="MyProvider" type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" keyContainerName="MyKeys" useMachineContainer="true" />
</providers>
</configProtectedData>

aspnet_regiis -pe "connectionStrings" -app "/WcfFileUploadService" -prov "MyProvider"
aspnet_regiis -pe "system.web/identity" -app "/WcfFileUploadService" -prov "MyProvider"

//Decryption
aspnet_regiis -pz "MyKeys"
aspnet_regiis -pd "connectionStrings" -app "/WcfFileUploadService"
aspnet_regiis -pd "system.web/identity" -app "/WcfFileUploadService"

如果对Identity加密,web.config将报错,需加:

1   <system.webServer>
2     <validation validateIntegratedModeConfiguration="false" />
3   </system.webServer>
View Code

 

posted @ 2016-11-08 14:23  -Ward-  阅读(1549)  评论(0编辑  收藏  举报