Where should I store the Public Key?
-
25-09-2019 - |
Question
My web application have a continuously running service to send a report to a ftp server, the file need to be encrypted by using a Public Key. Thus my question is where should I store the Public Key? I only have one Public Key so using an advanced Key Store seems to be overkill?
Should I just manually create a folder on the server and store it in there?
Solution
Storage of the public key (or more likely a certificate containing it) isn't the part that matters. What matters is the location of the private key. That should be located in storage which is ideally only accessible by the web application.
OTHER TIPS
A public key can be read by anybody, by definition. Therefore it is not a security issue to have it available for everybody.
If this key is public you can store it anywhere. Folder is ok.