search

tonerdo / dotnet-env

A .NET library to load environment variables from .env files
MIT License
427 stars 50 forks source link

Encryption #79

Closed omoinjm closed 1 year ago

omoinjm commented 1 year ago

How do I encrypt this file on windows server?

rogusdev commented 1 year ago

As noted in the README: https://github.com/tonerdo/dotnet-env#a-note-about-production-and-the-purpose-of-this-library you should not be using this in production.

If you are worried about the security of the settings in your .env file, you need to think through your usage more deeply. I can talk you through it, but that's a long talk, probably.

Short version: if at any point you have settings that you need to send along encrypted, or store encrypted for whatever reason, you don't encrypt the file, you encrypt the values. Then you decrypt the values when you read them, or just before. For example, this is how sops works: https://github.com/mozilla/sops

In short, what you are asking about is not an issue with this library.