Export (0) Print
Expand All

Encrypting the Rules Store and the Service Information Store

The Autoscaling Application Block uses Personal Information Exchange format keys (PFX, also called PKCS #12) to encrypt the service information store and the rules store in Windows Azure blob storage and in local file storage. For more information, see "Pkcs12 Protected Configuration Provider."

Hh680910.note(en-us,PandP.50).gifNote:
The encryption solution used by the Autoscaling Application Block is not recommended as a general approach for encrypting sensitive data in Windows Azure. The Autoscaling Application Block uses this solution to meet its specific security requirements. You should carefully evaluate any encryption approach that you decide to use in your own Windows Azure applications.

You can use the Protect-ScalingStore Windows PowerShell Cmdlet to encrypt the store file on the local machine using a PFX certificate. To create a suitable certificate, see the topic "Creating an Encryption Certificate."

To encrypt a store file in blob storage you must perform three steps. First, encrypt the file locally using the Protect-ScalingStore cmdlet. Second, upload the store file to Windows Azure blob storage using the Set-ScalingStore cmdlet. Third, ensure that you upload to Windows Azure the service certificate that the block needs to decrypt the store file.

Hh680910.note(en-us,PandP.50).gifNote:
You can pipe the output from the Protect-ScalingStore cmdlet to the Set-ScalingStore cmdlet in a script.

To upload your certificate to Windows Azure you can use any of the following methods.

To encrypt a store file in local file storage, encrypt the file locally using the Protect-ScalingStore cmdlet.

Last built: June 7, 2012

Show:
© 2014 Microsoft