|
Posted by SevDer on April 4, 2006, 12:27 pm
Please log in for more thread options Hi,
Web farm is performed by hardware loadbalancer balanced over 4 web servers.
But our sites are hosted on IIS on each machine where all the servers have
the code on their own harddrives.
And yes, it is just a string key, but if you recommend we can put into
certificate (I don't know how).
I hope this information is enough.
--
SevDer
http://www.sevder.com
A new source for .NET Developers
>I am cross-posting to the iis.security newsgroup (even though you
> have not state the web farm is IIS based).
>
> I think I see why DPapi would not present a solution even though
> storage in text file is, as indicated in initial post, a viable solution.
>
> However, perhaps if you were to clarify your requirement and
> the environment a little more.
> Is this key just a string, or do you mean a certificate (that holds
> this key)? I assume what you are after is safe storage of this key
> that is used for your application internal encryption in such as way
> that it will be automatically available upon automated provisioning
> of a new server in the farm. Right? If so, characterize the farm
> so we know what if any security contexts the instances share.
>
>> No this is not the one because we are on web farm and thats why we need
>> to store our key somewhere.
>>
>> --
>>
>> SevDer
>> http://www.sevder.com
>> A new source for .NET Developers
>>
>>
>>> Perhaps you are meaning storage via the DPAPI (data protection api).
>>> Check in MSDN
>>>
>>>
>>>> Hi,
>>>>
>>>> I heard that Windows has a built in key manager that will be used for
>>>> us to
>>>> securely store our keys that we use for our internal encryption rather
>>>> that
>>>> hardcoding into the code or storing in text files.
>>>>
>>>> Any suggestions for this purpose?
>>>>
>>>> Thanks in advance.
>>>>
>>>> --
>>>>
>>>> SevDer
>>>> http://www.sevder.com
>>>> A new source for .NET Developers
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>
| 
XML Sitemap