|I have a .NET Core WebAPI, and I have the db connection string stored in the appsettings.json.
In my company, the policy is the db password would change every 6 months. Since this is a pretty common IT security requirement, I wonder how other people handle their application's connection string?
Every 6 months, edit the appsettings.json, re-deploy
Just go and edit the connection string directly on production server while it's running (since the appsettings.json is read during run time, I assume this would not be a problem?)
How do you guys do this?
We are using on-prem Azure DevOps, if that makes any difference.
modified 18-May-21 9:17am.