You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be very useful if we could force replacing the strong name of some referenced assemblies.
Example scenario:
Deploying an assembly to SQL Server / SQL CLR
In order to deploy an assembly to SQL Server, the assembly must have a strong name, and we need to create an asymmetric key for every different strong name public key in every assembly referenced (as they have to be added to SQL Server too).
e.g.:
MyCompanyAssembly.dll (signed with MyCompany.snk)
OpenSourceLibraryANotSigned.dll (signed with MyCompany.snk via StrongNamer)
ClosedSourceVendorLibraryBSigned.dll (signed with their privateProjectB.snk)
OpenSourceLibraryCSigned.dll (signed with their publicProjectC.snk)
OpenSourceLibraryDSigned.dll (signed with StrongNamer's SharedKey.snk, by the maintainer)
...
Based on the examples above, we'll need to create 4 asymmetric keys in SQL Server. One for each different strong name key file.
Besides the extra work, it brings security concerns as we're now enabling SQL Server to allow the registration of any assembly that is signed with one of these keys, some of which are publicly available.
In this scenario, it would be ideal to have StrongNamer replace the strong name on all of these referenced assemblies with MyCompany.snk, which would make the deployment a lot simpler as only one asymmetric key would be needed in SQL Server, and it's the one we trust.
The text was updated successfully, but these errors were encountered:
It would be very useful if we could force replacing the strong name of some referenced assemblies.
Example scenario:
Deploying an assembly to SQL Server / SQL CLR
In order to deploy an assembly to SQL Server, the assembly must have a strong name, and we need to create an asymmetric key for every different strong name public key in every assembly referenced (as they have to be added to SQL Server too).
e.g.:
MyCompanyAssembly.dll(signed withMyCompany.snk)OpenSourceLibraryANotSigned.dll(signed withMyCompany.snkvia StrongNamer)ClosedSourceVendorLibraryBSigned.dll(signed with their privateProjectB.snk)OpenSourceLibraryCSigned.dll(signed with their publicProjectC.snk)OpenSourceLibraryDSigned.dll(signed with StrongNamer'sSharedKey.snk, by the maintainer)Based on the examples above, we'll need to create 4 asymmetric keys in SQL Server. One for each different strong name key file.
Besides the extra work, it brings security concerns as we're now enabling SQL Server to allow the registration of any assembly that is signed with one of these keys, some of which are publicly available.
In this scenario, it would be ideal to have StrongNamer replace the strong name on all of these referenced assemblies with
MyCompany.snk, which would make the deployment a lot simpler as only one asymmetric key would be needed in SQL Server, and it's the one we trust.The text was updated successfully, but these errors were encountered: