How should I store and secure self-signed certificates?
Posted
by
Anthony Mastrean
on Programmers
See other posts from Programmers
or by Anthony Mastrean
Published on 2014-08-18T20:09:11Z
Indexed on
2014/08/18
22:31 UTC
Read the original article
Hit count: 448
security
|certificate
I'm fairly certain I shouldn't commit certificates into source control. Even if the repository is private and only authenticated coworkers (for example) have access to it. That would allow for accidental exposure (thumb drives, leaked credentials, whatever).
But, how should I store and secure certificates? I don't suppose I should just plop them on the network file server, for some of the same reasons I wouldn't put them into source control, right?
Is there some kind of secure certificate store that I can run? Does the Java "keystore" do that generally or is it specific for like weblogic servers or something?
© Programmers or respective owner