把明文的密码写在Web.Config里面总是不太好吧!
加密一下,至少显得专业点,下面是我的方法:
aspnet_regiis -pef "connectionStrings" "f:/DOTNETAPP2.0/SCHOOLP
ROFILE" -prov "DataProtectionConfigurationProvider"
注意:后面一定要"DataProtectionConfigurationProvider" ,不加这个参数,就是用默认方式加密。
处理起来很罗嗦!connectionStrings可以替换成你需要的加密配置节,另外
有的SECTION是不能加密的,要注意!
用"DataProtectionConfigurationProvider" 参数,加密后,可以不用解密处理,系统依旧能使用原来
的连接串正常连接数据库!
加密前:
<connectionStrings>
<add name="MyConn" connectionString="server=localhost;uid=sa;pwd=123456;Initial Catalog=SchoolProfile"
providerName="System.Data.SqlClient" />
</connectionStrings>
加密后:
<connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA5T1gcwVg/0qvVeziLTglSQQAAAACAAAAAAADZgAAqAAAABAAAADt4LPmdEtJP3O3F2k2tEUWAAAAAASAAACgAAAAEAAAACVZduywWhhWOVjg0aRY/RYAAgAANmIZ0DQGMCZL42BtSs7rmUZVc1DE0kOm8Yb+LkngV4qkd7DY5JOBz6mCMi8sMBOllQ9n8iNgfhk+0IYAvXRnGXO4RL13pcmNwzJHRqNSZMUX9a5qtVz+JSQFqJLM+9sM8lDyjA77H9p+Yi5pzQtdkDk5w5M2hTSOK/ku3SUCXE9UZgYQxYvvmhO3WXkLx69nMFRNxskVqznK3s0EzQDtqA4oJE8RL1lzKlqRqbUIEnMcwB4N7/mFqcNmm7zJPKDgawZszlaLITAgIivyyWHPtcz1flT1hZsgmFWqpucNSSz6lJCA2TM10Z2sQ44augCiZi0XJyTaRrhGw51v8bR9oZtqxDiLxn89c1VqSUnPeO51ukQPEO0nCR+wN414AiQMrg3mv8YZB05kawx9kt6K79j45sAxaumCkhuMl9uU21NPJCPfzKukhab/rhqeBHQGiIvKfVCC3H8TB2XOR5a4lA1jLo7ceOtehjgVZqn5XKocLyzYbBkKzMZNnEcgcrsgdOmUgs3IajmtzZ1x2zcOqMdcoZJYNxCXGzCNMviIeV+C7/O6iqnYL3p0G4dKHhkcXoJm5pssNItS1OgsPCdtwBRfF6Fza7RimRW6iK/KIU/eih+OPc/2n0u2GsIgq5KjQuow3aTmy99dAC3kxTvxtbRFE8xbNPdBqYW6++vCm5sUAAAAY70pIKQBMd07W9P4heo6xJDfpIM=</CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>
加密邮件的配置节:
aspnet_regiis -pef system.net/mailSettings/smtp e:/schoolprofile -prov "DataProtectionConfigurationProvider"
加密前:
<system.net>
<mailSettings>
<smtp from="hnwanghb@126.com">
<network host="smtp.126.com" password="xxxxxx" userName="hnwanghb"/>
</smtp>
</mailSettings>
</system.net>
加密后:
<system.net>
<mailSettings>
<smtp configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAdwEJkDOW80q0Kls52kqs2QQAAAACAAAAAAADZgAAqAAAABAAAADl/9dsRL/9kbiQglGhsiJlAAAAAASAAACgAAAAEAAAAJytjibFny9ZsbGgOIFltOHwAAAAPSVFWkK7nGNqlTxy4Or6YQdmRMX6nhHeYclfIQdaIkF/HxRgNeKUUlmG6k4zq2PNksS+VXefNYTEk2zE6uHCyi3BnwM2CCEs/OvjiVzLyq1wa6Z3HH+1HztSA+tHrXjJV9aUhMVJbi99F3a5SkgO2yuzXf3uyD05nEiSaEl6dcQOadBRIlN9Fo7xaIhplkY6+VehulicHNXI5xqM0/lKOQQZe/BSVTNriBk7F9Q9nr8iVY/zVvJO+e5WEb7RTm9leLDTqt43/4RDNsuobFIqgA/sSm4Brz/Eh86XhjoCI2eHBPIQWfoc4nmHoUZRaNB4FAAAAJh2GdL8alPIvcq03UNXV7+EFlA8</CipherValue>
</CipherData>
</EncryptedData>
</smtp>
</mailSettings>
</system.net>
如果想把加密的字符串恢复,使用以下命令:
aspnet_regiis -pdf "connectionStrings" "f:/DOTNETAPP2.0/SCHOOLPROFILE"
我的困惑是,既然不用密码,这样两个命令就能加密/解密,还是不太安全捏!微软为什么要做这个功能呢?