Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Ask a Question
Welcome To Ask or Share your Answers For Others

Categories

Storing production secrets in ASP.NET Core

0 votes
264 views
in Technique[技术] by (71.8m points)

Storing production secrets in ASP.NET Core

I try to figure out where to best store application production secrets for an ASP.NET Core app. There are two similar questions Where should I store the connection string for the production environment of my ASP.NET Core app? and How to deploy ASP.NET Core UserSecrets to production which both recommend using environment variables.

My problem is that I want to run several instances of my web app with different databases and different database credentials. So there should be some per-instance configuration including secrets.

How could this be achieved in a safe way?

Note that the application should be able to self-host and be hostable under IIS! (Later we also plan to run it on Linux if that is of any importance for the question)

Update

This question is not about trying to use ASP.NET user secrets in production! UserSecrets are ruled out for production.

question from:https://stackoverflow.com/questions/40131672/storing-production-secrets-in-asp-net-core

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

As they state, user secrets is only for development (to avoid commiting credentials accidentally into the SCM) and not intended for production. You should use one connection string per database, i.e. ConnectionStrings:CmsDatabaseProduction,ConnectionStrings:CmsDatabaseDevelopment, etc.

Or use docker containers (when you're not using Azure App Service), then you can set it on per container basis.

Alternatively you can also use environment based appsetting files. appsettings.production.json, but they must not be included in the source control management (Git, CSV, TFS)!

In the startup just do:

    public Startup(IHostingEnvironment env)
    {
        var builder = new ConfigurationBuilder()
            .SetBasePath(env.ContentRootPath)
            .AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
            .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
            .AddEnvironmentVariables();
        Configuration = builder.Build();
    }

This way, you can load specific stuff from the appsettings.production.json and can still override it via environment variable.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

Just Browsing Browsing

2.1m questions

2.1m answers

60 comments

57.0k users

Most popular tags

Powered by Question2Answer
Donate
Theme by Q2A Market&&OStack.cn
...