Encryption: Why can't I encrypt web.config/appSettings using a custom configProtectionProvider on Azure (Windows Server 2012)?


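I have an MVC application that is deployed to a Windows Azure hosted service running on a Windows Server 2012 virtual machine. In the web.config file I have 3 encrypted sections: connectionStrings, dataCacheClients, and system.net/mailSettings/smtp. Here are the relevant sections: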

<configuration>
  ...
  <configProtectedData>
    <providers>
      <add name="CustomProvider" thumbprint="[this is secret]"
          type="Pkcs12ProtectedConfigurationProvider.Pkcs12ProtectedConfigurationProvider, PKCS12ProtectedConfigurationProvider, Version=1.0.0.0, Culture=neutral, PublicKeyToken=34da007ac91f901d" />
    </providers>
  </configProtectedData>
  ...
  <connectionStrings configProtectionProvider="CustomProvider">
    <EncryptedData ... omitted for brevity
  </connectionStrings>
  ...
  <system.net>
    <mailSettings>
      <smtp configProtectionProvider="CustomProvider">
        <EncryptedData omitted for brevity
      </smtp>
    </mailSettings>
  </system.net>
  ...
  <dataCacheClients configProtectionProvider="CustomProvider">
    <EncryptedData omitted for brevity
  </dataCacheClients>
  ...
</configuration>
…then I get the following exception:

Server Error in '/' Application.

Configuration Error

Description: An error occurred during the processing of a configuration file
required to service this request. Please review the specific error details
below and modify your configuration file appropriately.

Parser Error Message: An error occurred loading a configuration file: Could not
load file or assembly 'PKCS12ProtectedConfigurationProvider, Version=1.0.0.0,
Culture=neutral, PublicKeyToken=34da007ac91f901d' or one of its dependencies.
The system cannot find the file specified.

Source Error: 

Line 41:     </EncryptedData>
Line 42:   </connectionStrings>
Line 43:   <appSettings configProtectionProvider="CustomProvider">
Line 44:     <EncryptedData ...>
Line 45:       <EncryptionMethod .../>

Source File: E:\sitesroot\0\web.config    Line: 43 

Assembly Load Trace: The following information can be helpful to determine why
the assembly 'PKCS12ProtectedConfigurationProvider, Version=1.0.0.0,
Culture=neutral, PublicKeyToken=34da007ac91f901d' could not be loaded.

WRN: Assembly binding logging is turned OFF.
To enable assembly bind failure logging, set the registry value
[HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1.
Note: There is some performance penalty associated with assembly bind failure
logging.
To turn this feature off, remove the registry value
[HKLM\Software\Microsoft\Fusion!EnableLog].
Assembly Load Trace: The following information can be helpful to determine why
the assembly 'PKCS12ProtectedConfigurationProvider, Version=1.0.0.0, 
Culture=neutral, PublicKeyToken=34da007ac91f901d' could not be loaded.

=== Pre-bind state information ===
LOG: User = NT AUTHORITY\NETWORK SERVICE
LOG: DisplayName = PKCS12ProtectedConfigurationProvider, Version=1.0.0.0, Culture=neutral, PublicKeyToken=34da007ac91f901d
 (Fully-specified)
LOG: Appbase = file:///d:/windows/system32/inetsrv/
LOG: Initial PrivatePath = NULL
Calling assembly : (Unknown).
===
LOG: This bind starts in default load context.
LOG: No application configuration file found.
LOG: Using host configuration file: D:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet.config
LOG: Using machine configuration file from D:\Windows\Microsoft.NET\Framework64\v4.0.30319\config\machine.config.
LOG: Post-policy reference: PKCS12ProtectedConfigurationProvider, Version=1.0.0.0, Culture=neutral, PublicKeyToken=34da007ac91f901d
LOG: Attempting download of new URL file:///d:/windows/system32/inetsrv/PKCS12ProtectedConfigurationProvider.DLL.
LOG: Attempting download of new URL file:///d:/windows/system32/inetsrv/PKCS12ProtectedConfigurationProvider/PKCS12ProtectedConfigurationProvider.DLL.
LOG: Attempting download of new URL file:///d:/windows/system32/inetsrv/PKCS12ProtectedConfigurationProvider.EXE.
LOG: Attempting download of new URL file:///d:/windows/system32/inetsrv/PKCS12ProtectedConfigurationProvider/PKCS12ProtectedConfigurationProvider.EXE.
Is it possible to encrypt web.config/appSettings using a custom configProtectionProvider when deploying to a Windows Azure hosted service running on a Windows Server 2012 virtual machine?

Update: After posting, I turned on the Fusion!EnableLog registry value, and now I get this additional information in the exception:

Server Error in '/' Application.

Configuration Error

Description: An error occurred during the processing of a configuration file
required to service this request. Please review the specific error details
below and modify your configuration file appropriately.

Parser Error Message: An error occurred loading a configuration file: Could not
load file or assembly 'PKCS12ProtectedConfigurationProvider, Version=1.0.0.0,
Culture=neutral, PublicKeyToken=34da007ac91f901d' or one of its dependencies.
The system cannot find the file specified.

Source Error: 

Line 41:     </EncryptedData>
Line 42:   </connectionStrings>
Line 43:   <appSettings configProtectionProvider="CustomProvider">
Line 44:     <EncryptedData ...>
Line 45:       <EncryptionMethod .../>

Source File: E:\sitesroot\0\web.config    Line: 43 

Assembly Load Trace: The following information can be helpful to determine why
the assembly 'PKCS12ProtectedConfigurationProvider, Version=1.0.0.0,
Culture=neutral, PublicKeyToken=34da007ac91f901d' could not be loaded.

WRN: Assembly binding logging is turned OFF.
To enable assembly bind failure logging, set the registry value
[HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1.
Note: There is some performance penalty associated with assembly bind failure
logging.
To turn this feature off, remove the registry value
[HKLM\Software\Microsoft\Fusion!EnableLog].
Assembly Load Trace: The following information can be helpful to determine why
the assembly 'PKCS12ProtectedConfigurationProvider, Version=1.0.0.0, 
Culture=neutral, PublicKeyToken=34da007ac91f901d' could not be loaded.

=== Pre-bind state information ===
LOG: User = NT AUTHORITY\NETWORK SERVICE
LOG: DisplayName = PKCS12ProtectedConfigurationProvider, Version=1.0.0.0, Culture=neutral, PublicKeyToken=34da007ac91f901d
 (Fully-specified)
LOG: Appbase = file:///d:/windows/system32/inetsrv/
LOG: Initial PrivatePath = NULL
Calling assembly : (Unknown).
===
LOG: This bind starts in default load context.
LOG: No application configuration file found.
LOG: Using host configuration file: D:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet.config
LOG: Using machine configuration file from D:\Windows\Microsoft.NET\Framework64\v4.0.30319\config\machine.config.
LOG: Post-policy reference: PKCS12ProtectedConfigurationProvider, Version=1.0.0.0, Culture=neutral, PublicKeyToken=34da007ac91f901d
LOG: Attempting download of new URL file:///d:/windows/system32/inetsrv/PKCS12ProtectedConfigurationProvider.DLL.
LOG: Attempting download of new URL file:///d:/windows/system32/inetsrv/PKCS12ProtectedConfigurationProvider/PKCS12ProtectedConfigurationProvider.DLL.
LOG: Attempting download of new URL file:///d:/windows/system32/inetsrv/PKCS12ProtectedConfigurationProvider.EXE.
LOG: Attempting download of new URL file:///d:/windows/system32/inetsrv/PKCS12ProtectedConfigurationProvider/PKCS12ProtectedConfigurationProvider.EXE.

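So here is another question: why does IIS look for this assembly in the inetsrv path rather than in the application's /bin folder? I see "No application configuration file found" in the log. Does this mean the assembly binder has to find a web.config with an unencrypted appSettings section in order to parse and load it?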

Have you tried installing the assembly in the GAC on role start?

Information on adding an assembly to the GAC at startup
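
One way to carry out the GAC installation suggested above from an elevated Azure startup task, as an added example that is not part of the original posts. It uses System.EnterpriseServices.Internal.Publish.GacInstall in place of gacutil; the script name install-provider.ps1 and the assumption that the DLL sits beside the script are hypothetical, while the assembly name and public key token are the ones shown in the question.

```powershell
# Added example (not from the original posts): install-provider.ps1
# Assumed wiring in ServiceDefinition.csdef (file names are hypothetical):
#   <Startup>
#     <Task commandLine="install-provider.cmd" executionContext="elevated" taskType="simple" />
#   </Startup>
# where install-provider.cmd runs:
#   powershell -ExecutionPolicy Unrestricted -File install-provider.ps1
$ErrorActionPreference = 'Stop'

# Identity taken from the provider registration in the question's web.config.
$expectedName  = 'PKCS12ProtectedConfigurationProvider'
$expectedToken = '34da007ac91f901d'

# Assumption: the provider DLL is deployed next to this script.
$scriptDir = Split-Path -Parent $MyInvocation.MyCommand.Path
$dll = Join-Path $scriptDir "$expectedName.dll"
if (-not (Test-Path $dll)) { throw "Provider assembly not found: $dll" }

# Read the assembly identity from disk without loading the assembly.
$name  = [System.Reflection.AssemblyName]::GetAssemblyName($dll)
$bytes = $name.GetPublicKeyToken()
if (-not $bytes) { throw "Assembly is not strong-named; the GAC will not accept it" }
$token = [System.BitConverter]::ToString($bytes).Replace('-', '').ToLowerInvariant()

# A GAC install is machine-wide and elevated, so refuse anything unexpected.
if ($name.Name -ne $expectedName -or $token -ne $expectedToken) {
    throw "Refusing to GAC-install: identity mismatch ($($name.FullName))"
}

# Publish.GacInstall is part of the .NET Framework; gacutil.exe is an SDK tool
# and may not be present on the role VM.
[void][System.Reflection.Assembly]::Load(
    'System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a')
$publish = New-Object System.EnterpriseServices.Internal.Publish
$publish.GacInstall($dll)

# GacInstall does not throw on failure, so confirm the full-name bind
# (the same kind of bind that fails in the trace above) now succeeds.
$loaded = [System.Reflection.Assembly]::Load($name.FullName)
if (-not $loaded.GlobalAssemblyCache) { throw "Assembly did not resolve from the GAC" }
Write-Output "Installed $($loaded.FullName) into the GAC"
```

A non-zero exit from a simple startup task stops the role from starting, so an identity mismatch or failed install surfaces at deployment rather than as a configuration error on the first request.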

I fixed this error by installing the NuGet package:


I guess part of the installation process is registering the .dll for you.

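Have you tried installing the assembly in the GAC on role start?

@Zonder No. Can this be done through an Azure startup cmd? I'm not good at writing Windows commands…

I found a blog post that explains the process. Don't forget to sign the assembly :)

@Dreamwalker That worked, thanks. Please post this as an answer so I can award you the bounty. Also, signing the assembly was not necessary.

To help future readers: where gacutil is hiding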