加密web.config字符串Azure

Question

I need to encrypt the connection string in my web.config file for my MVC5 project. The database is an Azure SQL database and my application will be hosted on Azure as well. I have never done encryption before and I am struggling.

First I followed instructions in this article - https://azure.microsoft.com/en-us/blog/securing-your-connection-string-in-windows-azure-part-1/ . But when it came to loading the files on to Azure, the link contained in the document was broken, and I couldn't find out where to upload them.

After some research, I found out that Azure Key Vault is the way forward, but I am struggling to find out how to use Key Vault as it is not in Azure Management Portal and to use it you need Powershell knowledge. I have tried to use Powershell as per this link https://channel9.msdn.com/Blogs/Windows-Azure/Azure-Key-Vault-Developer-Quick-Start only to find out that some of the commands are no longer in use.

Is there an easier method for me to follow? What other options do I have?

Thanks

Answer 1

Yes, Key Vault could be the way to go. But i would recommend you to go to the Azure.com articles instead of blogs/videos/etc, because only the official site has the up-to-date information. For example, here is the good start about client-side things . Here (yes, it is a blog, but very new :-) is the blog post that discusses the problem you mentioned.

There are some more traditional techniques about securing your connection string like the process that replaces dev/test connstrings by production strings as a part of the secure build/deployment process. Here, Visual Studio Team Services build definitions and Continuous Integration/Deployment may be the another approach (you can create the build definition and, right before the deployment, you may replace the connstring using some kind of scripts).