Thank you Dan. On a side note. If you right mouse click on the project file, from the menu you can select "Manage User Secrets". Another way besides the command line. This is in VS 2022.
Very useful video, thanks 😉👍 . I got error "Could not find the global property 'UserSecretsId' in MSBuild project ...", but helped me call "dotnet user-secrets init" before calling " dotnet user-secrets set ...", then all was ok 🙂 .
Hi! Did you ever create a video that shows how to store keys in environment variables for production on an on-prem windows server? I know how to create the variables in Windows and deploy the app to IIS, but I would like to see a quick example in the .net core code of how to get it to reference those local environment variables. For instance, is there something we need to add to the program or something so that it knows to look in the local environmental variables? Thanks!
For anyone still wondering about this, here's one way you can do it: Environment.SetEnvironmentVariable("DefaultConnection", "connection string value"); string connString = Environment.GetEnvironmentVariable("DefaultConnection"); This way the environment variable exists only for the duration of the running application process. You can just put this inside Program.cs if you like.
You know how he uses "dev" to get the connection string. That "dev" could be a value stored in your appsettings.json per enviroment. i.e, different secrets for different enviroments.
@@societysvillain you can use key vault even if your app is not in azure. If you don't want to use azure key vault its better to use encrypted secrets in your config.
@@dharwal87 The encrypted secret should also be decrypted in your application. so if you don't want to use an env variable for storing your key for the decryption where do your store that key?
@@Barto2You It is always recommended to use certificate-based encryption and decryption. During deployment, the certificate's public key is used to encrypt the configuration values, and then the application loads the certificate and uses its private key to decrypt them. The certificate should be installed on your web server and password-protected.
