Jan 09, 2021 01:21 AM|bruce (sqlwork.com)|LINK
Thanks for the details reply and detailed info, but as a second layer of security is there a way to encrypt sections of the appsettings.json, as we used to do in the web.config? where we encrypt part of the web,config (which contain sensitive info) by running
"ASPNET_REGIIS -pef ....." command?
you can if hosting with IIS. use environment variables in the asp.net core app, and set them in the hosting web.config
<aspNetCore processPath="dotnet" arguments=".\AppName.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout">
<environmentVariable name="MyVariable" value="MyValue" />
then you use IIS encryption on the <enviromentVariables> section