My web application have a continuously running service to send a report to a ftp server, the file need to be encrypted by using a Public Key. Thus my question is where should I store the Public Key? I only have one Public Key so using an advanced Key Store seems to be overkill?
Should I just manually create a folder on the server and store it in there?
A public key can be read by anybody, by definition. Therefore it is not a security issue to have it available for everybody.
Storage of the public key (or more likely a certificate containing it) isn't the part that matters. What matters is the location of the private key. That should be located in storage which is ideally only accessible by the web application.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With