Store and read private key securely

Asked Sep 22 '16 at 14:31

Active Sep 22 '16 at 14:31

Viewed 180 times

i'm wondering what would be the best way to store private key in web server and read it from web apps?

So far the action taken is the directory of private key will deny all access from browser, and the directory files can be read and write by privilege user but i'm afraid it is still insufficient.

asked Sep 22 '16 at 14:31

Alia Ramli Ramli

What kind of private key are you talking about? The server key for SSL? That shouldn't be readable from webapps at all only for the server daemon but it shouldn't be stored in a directory accessible from the web or read by web applications – Broco Sep 22 '16 at 14:41
not ssl more on exchange cert key – Alia Ramli Ramli Sep 22 '16 at 14:46
use a smart card or hardware security module – Neil McGuigan Sep 22 '16 at 17:17

Store and read private key securely

0 Answers0