0

I have an ASP.NET Solution with a Webforms app and a class library. In the class library there is text that needs to read from a .pem file using

File.ReadAllText('PATH GOES HERE')

Currently the .pem file is sitting in the root directory of the class library. Is there any possible way to tell the code to access it from here? It seems like it keeps looking for it at:

C:\Program Files (x86)\IIS Express\private_key.pem

Should I store this file somewhere else?

I need a secure place to store it where only the File.ReadAllText can access it and not anyone through the website.

Blake Rivell
  • 13,105
  • 31
  • 115
  • 231
  • If it's inside a class library you need to make sure the file is embedded resource, then use `GetManifestResourceStream()`. See this SO question: https://stackoverflow.com/questions/3314140/how-to-read-embedded-resource-text-file – penleychan Feb 01 '18 at 23:42
  • is the `Path` hard coded in Class Library? or is it passed from WebForm App? – Neverever Feb 01 '18 at 23:43
  • @Neverever I can do either.. Should I store the path to the file in the App.config of the class library? Or Should I store the path to the file in the Web.config of the web app? Just need to know where the file should sit and how I can tell the code in the class library to access it when it needs to ReadAllText. – Blake Rivell Feb 01 '18 at 23:44
  • Personally for ASP.NET, I would store it in App_Data folder, App_Data is not served via web server. – penleychan Feb 01 '18 at 23:48

1 Answers1

0

In WinForm App, use

string fileName = "~/relative/path/to/privacy_key.pem";
string absolutePath = Server.MapPath(fileName);

Then in your Class Library, you can easily read the file using the absolute path.

You can also store the .pem path in Web.config, so that it's easy to configure in the future.

Neverever
  • 15,890
  • 3
  • 32
  • 50
  • Got it, however on production I am getting the following error: Access to the path 'C:\Secrets\private_key.pem' is denied. Is there a better place to place the file where IIS will be able to read it and the public will not? – Blake Rivell Feb 02 '18 at 00:11
  • Yes, you can have IIS Document Root at `C:` but put .pem file in `Z:`. but make sure you assign `read` permission to `IIS_IUSRS` (or other identity if you have different IIS setup) – Neverever Feb 02 '18 at 00:22