an ASP.NET Open Source CMS & eCommerce platform
Search:
Skip Navigation LinksHome > DotShoppingCart Forums > Development > General Programming > Encrytption Key DotShoppingCartMaster.key
Encrytption Key DotShoppingCartMaster.key
Last Post 8/26/2008 10:22:16 AM By lukezy. 5 replies.
8/25/2008 11:08:49 PM
rmoynihan
Posts: 10
Joined: 7/22/2008
Encrytption Key DotShoppingCartMaster.key

Hi,

Is there a way to create or deploy the encryption key on a remote server without using Enterprise Library Configuration?

I've had trouble using Enterprise Library Configuration as I received errors about the state of the key and other validation errors when trying to save the web.config.

I have tried Enterprise Library Configuration v2.0 and v4.0.

I want to deploy my site to a remote server and then create or copy my current key (copy if possible). I have created a little windows application to create a key which uses the same code as the install.exe for the dotshoppingcart but as I am using shared hosting this is something which I cannot do on the remote server.

Thanks,

Ronan
8/25/2008 11:58:42 PM
lukezy
Posts: 2109
Joined: 6/12/2007
Location:WA, US
Re: Encrytption Key DotShoppingCartMaster.key

Check here to see if it helps.

If you plan to install it to the shared hosting, it defeats the purpose of encryption because you cannot control over the machine. You could simply disable the encryption. 

Using shared hosting you are putting your customers' data into great danger. Be careful of the payment industrial PCI standard. You might face huge fine when incident happens.

DotShoppingCart Staff
8/26/2008 12:10:31 AM
rmoynihan
Posts: 10
Joined: 7/22/2008
Re: Encrytption Key DotShoppingCartMaster.key

How I can I disable the encryption?

Can I disable the functionality to store credit card information in the Database. Is this what the encryption is used for? 

By not saving credit card info will this comply with  the payment industrial PCI standard?

Thanks.
8/26/2008 12:23:55 AM
lukezy
Posts: 2109
Joined: 6/12/2007
Location:WA, US
Re: Encrytption Key DotShoppingCartMaster.key

Look at CreditCard.cs remove all the Cryptographer calls.

PCI Standard is much more broad. To me using the shared hosting is way more dangerous than not encrypting the credit card#.

These days you can get a VPS for about $30+/mo. I don't know why people want to save that amount of money for the risk they would take.

DotShoppingCart Staff
8/26/2008 12:37:42 AM
rmoynihan
Posts: 10
Joined: 7/22/2008
Re: Encrytption Key DotShoppingCartMaster.key

Ok.

I'm trying it  out on my shared hosting but ya your right once its in production I should move it to a VPS.

What company do you recommend for hosting a VPS, I currently use www.seekdotnet.com and they chanrge $69.00 per month for dedicated hosting.

Would you recommend using a seperate VPS for each individual site, or would it be ok to host all my sites in the one VPS.

Thanks for the information,

Ronan
8/26/2008 10:22:16 AM
lukezy
Posts: 2109
Joined: 6/12/2007
Location:WA, US
Re: Encrytption Key DotShoppingCartMaster.key

Yes, you could host all your sites in one VPS. Just make sure they are all secure.

I would recommend Godaddy for dedicated hosting and VPS.

DotShoppingCart Staff
Project hosted at CodePlex.com
Copyright © 2013 DotShoppingCart. All rights reserved.