
2023-09-03 07:00:19 作者:太可笑的我

我已经找到了一个例子安装过程中加密web.config中的此处,但我的应用程序是一个Windows服务。该 aspnetreg_iis 方法仅适用于web.config文件中。

I have found an example for encrypting a web.config during installation here, but my app is a windows service. The aspnetreg_iis method works only for web.config files.


I know how to programatically encrypt the config file, but I don't think I can do that using WiX. Am I wrong? Any ideas?



Here is what I ended up with...

我用维克斯和DTF创建一个托管C自定义操作$ C $到配置文件的指定部分加密:

I used WiX and DTF to created a managed code Custom Action to encrypt a given section of a config file:

    public static void EncryptConfig(Session session)

        var configPath = session["APPCONFIGPATH"];
        var sectionToEncrypt = session["SECTIONTOENCRYPT"];

        var fileMap = new ExeConfigurationFileMap();
        fileMap.ExeConfigFilename = configPath;
        var configuration = ConfigurationManager.OpenMappedExeConfiguration(fileMap, ConfigurationUserLevel.None);
        ConfigurationSection section = configuration.GetSection(sectionToEncrypt);

        if (!section.SectionInformation.IsProtected)
            section.SectionInformation.ForceSave = true;



Part of my lack of understanding that prompted this question was not knowing that you can safely create custom actions in managed code using DTF. Documentation is sparse on DTF, but once you get it working, it is great.


I found that this only worked if I scheduled the custom action after InstallFinalize.


Here is the WiX config to make it happen:

  <Custom Action="EncryptConfigurationFiles" After="InstallFinalize" />

    <Binary Id="YourProject.CustomActions.dll" SourceFile="$(var.YourProject.CustomActions.TargetDir)$(var.YourProject.CustomActions.TargetName).CA.dll" />
    <CustomAction Id="EncryptConfigurationFiles" BinaryKey="YourProject.CustomActions.dll" DllEntry="EncryptConfig" Return="check" />


These blogs/sites helped me get there and much of the code from above was derived from them:

http://geekswithblogs.net/afeng/Default.aspx http://blog.torresdal.net/2008/10/24/WiXAndDTFUsingACustomActionToListAvailableWebSitesOnIIS.aspx 的http://blogs.msdn.com/jasongin/archive/2008/07/09/votive-project-platform-configurations.aspx

@PITADeveloper ...感谢您的答复。我发现,我并不需要加载组件的配置文件进行加密。

@PITADeveloper... Thanks for the response. I found that I did not need to load the assembly to encrypt the config file.

如果你使用这个,你应该使用一个尝试捕捉并返回一个ActionResult ......以上是伪code。

If you use this, you should use a try catch and return an ActionResult... The above is pseudo-code.


Finally, I'm using the DataProtectionConfigurationProvider. For the RSA Provider, I think there are a couple more hoops to jump through.


I hope this helps someone!