I'm just wondering if anyone has any great ideas on this.
We have many Windows C # services. Each application is installed on several computers (anywhere from 2-80, depending on the application).
Due to network security settings, we cannot (sequentially) use Windows authentication on SQL servers, so our connection strings and credentials have actual usernames and passwords.
Our infrastructure specialists want to be able to do the following when deploying software: 1) Edit the configuration once - set the appropriate server, user and passwords for various database connections. 2) Connect the connection strings (at least) with encrypted or otherwise unreadable to the naked eye 3) Copy this configuration file to all installations of the specific software. This means that encryption cannot be tied to a specific machine.
Can DPAPI do this? Is it possible to install one set of keys for all purposes in order to allow decryption of the common configuration file? How is the configuration edited in this case? How to get other users to view the encrypted configuration in the same way?
source
share