Hello,
I have two questions that I am hoping to get some help on...
The first is with regard to the overall appSettings.json file. We would like to fully encrypt this file once it is deployed, and I am trying to figure out where I can put a custom ConfigurationSource in the application to allow this information to be decrypted, prior to handing it off to the rest of the application. Does anyone have an example of how to do this, or can provide some information about what needs to be done here? Is what I am suggesting considered a best practice, or should I be looking towards something else?
The other part of the question is related, as it also appears in the appSettings.json file, and that is the AbpZeroLicenseCode. Is this "ok" to leave in the appSettings.json file? Is it sensitive in anyway, i.e. would we not want other people to get access to this? What are the best practices around securing this information if required?
Thanks
Gary
2 Answer(s)
-
0
Hi,
For the first one, you can try <a class="postlink" href="https://docs.microsoft.com/en-us/aspnet/core/fundamentals/configuration/index?view=aspnetcore-2.1#custom-configuration-provider">https://docs.microsoft.com/en-us/aspnet ... n-provider</a>.
AspNet Zero doesn't check license code on production, so you can leave it empty when you deploy your app. For development time, you can store it in user secrets <a class="postlink" href="https://docs.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-2.1&tabs=windows">https://docs.microsoft.com/en-us/aspnet ... bs=windows</a>.
-
0
Thank you for getting back to me!
That information will be very useful, appreciate your time.
Gary
