堆栈内存溢出
  简体   繁体   English

如何将本地ASP.NET网站连接到远程Azure SQL Server数据库?

[英]How to connect a local ASP.NET website to a remote Azure SQL Server database?

 原文  2018-01-28 14:43:20       c#/ asp.net/ azure/ asp.net-mvc-5/ azure-sql-database

问题描述

I've got an ASP.NET 4.6.2 website under development and it would be convenient to connect this to an existing Azure database. 我正在开发一个ASP.NET 4.6.2网站,将其连接到现有的Azure数据库会很方便。

Obviously I could put in the connection string with login credentials locally, but it seems likely that this would then expose those clear text credentials during tcp communications. 显然,我可以在本地输入带有登录凭据的连接字符串,但这似乎会在tcp通信期间公开那些明文凭据。

I thought of using aspnet_regiis to encrypt the connection strings, but AFIK this is intended for local machine encryption, not remote connections. 我考虑过使用aspnet_regiis来加密连接字符串,但是AFIK旨在用于本地计算机加密,而不是远程连接。

1 个解决方案

解决方案1
 1 已采纳  2018-01-28 15:00:20

Take a look at the connection string provided by Azure. 查看Azure提供的连接字符串。 You'll see Encrypt=true and TrustServerCertificate=false in there. 您将在其中看到Encrypt=trueTrustServerCertificate=false The Encrypt setting forces an SSL connection before anything is transmitted, and TrustServerCertificate requires the server's SSL cert name to match the connection string's server name. Encrypt设置会在传输任何内容之前强制进行SSL连接,并且TrustServerCertificate要求服务器的SSL证书名称与连接字符串的服务器名称匹配。

So it isn't really an issue, security-wise. 因此,从安全角度来看,这实际上不是问题。

That being said, I store all my secrets like connection strings (database, storage accounts, and even serialized X509 certificates) as Azure Key Vault Secrets. 话虽如此,我将所有我的机密(例如连接字符串)(数据库,存储帐户,甚至序列化的X509证书)存储为Azure Key Vault机密。 Key Vault is an extremely low-cost service and this way you only need to store the base URI of your key vault (which isn't sensitive, you can store it in a plaintext config somewhere). Key Vault是一项成本极低的服务,因此您只需要存储密钥库的基本URI(这并不敏感,可以将其存储在某个地方的纯文本配置中)。

At runtime it's secured by policies authorizing app access to the data, and locally during development your Azure account provides access. 在运行时,通过授权应用访问数据的策略来保护它,在开发过程中,您的Azure帐户在本地提供访问权限。

It's important to cache Key Vault results, Key Vault isn't meant for high-throughput access. 缓存Key Vault结果很重要,Key Vault并不适合高吞吐量访问。 Last month I blogged about how to do this here if you want some code to get you started. 上个月,我的博客上讲述如何做到这一点在这里 ,如果你想一些代码,让你开始。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 将ASP.NET WebSite连接到SQL数据库 - Connect ASP.NET WebSite to SQL Database 如何使用Visual Studio 2015连接到ASP.NET中的本地SQL Server数据库? - How to connect to a local SQL Server database in ASP.NET using Visual Studio 2015? 如何使用Visual Studio 2013连接到asp.net中的本地SQL Server数据库? - How to connect to a local SQL server database in asp.net using Visual Studio 2013? ASP.NET MVC 无法连接到我的本地 SQL Server 数据库 - ASP.NET MVC cannot connect to my local SQL Server database 如何使用ASP.NET连接到远程Oracle数据库? - How to use ASP.NET to connect to a remote Oracle database? 如何使用mysql在asp.net中连接远程数据库? - How to connect remote database in asp.net using mysql? 如何将Asp.net网站连接到联网计算机上的Oracle数据库 - How to connect a Asp.net website to Oracle Database on a Networked Computer ASP.NET + SQL Server-如何将托管数据库移动到与网站相同的服务器? - ASP.NET + Sql Server - How to move hosted database to same server as website? asp.net无法连接到远程服务器 - asp.net Unable to connect to the remote server “无法连接到SQL Server数据库”-ASP.NET配置 - “Unable to connect to SQL Server database” - ASP.NET configuration
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM