How should I store and secure self-signed certificates?
- by Anthony Mastrean
I'm fairly certain I shouldn't commit certificates into source control, even if the repository is private and only authenticated coworkers (for example) have access to it. That would allow for accidental exposure (thumb drives, leaked credentials, whatever).
But how should I store and secure certificates? I don't suppose I should just plop them on the network file server, for some of the same reasons I wouldn't put them into source control, right?
Is there some kind of secure certificate store that I can run? Does the Java "keystore" do that generally, or is it specific for like WebLogic servers or something?