I have set up my dev env VS2022 and umb 9.3 have got the following in the secrets.json, so as the connection string does not end up in git repository.
{ "ConnectionStrings": { "umbracoDbDSN": "server=XXXXX\SQLEXPRESS;database=umb9.demo.dev;user id=webSQLuser;password='XXXXXXXXXXXXXXX" } }
I am deploying to an IIS server - whats the best practice or recommend way to store the connection string on the server hosting IIS?
?
Unfortunately Microsoft does not provide an in-the-box way to secure production config secrets in ASP.NET core. Microsoft's solution to this problem is that you host any secrets in Azure Key Vault. They also support storing secrets as non-encrypted environment variables which is a tiny bit better than having secrets in config files.
If you need an encrypted on-prem solution, you can look into self-hosting HashiCorp Vault or Thycotic Secret Server for secrets. There are probably other 3rd party options out there too.