So I have a Java (Spring Boot) application where I use an RSA key from Amazon. At the moment this is in .pem
format and stored in a local folder inside my project.
But where should I store this when I deploy my application to the web (AWS):
Can I store this in another format and preferably use it in application.properties?
Can I use an RSA key as a string or does it always come from a file?
Or do I need to store this in a secure place on the server? Where would that be and how secure is it?
The best place to store a private key is in a smart card or hardware security module (HSM), so that the key can never be stolen.
Amazon does have an HSM service, but it's pricey.
The next best place to store it is in a file (owned and readable only by the user your app runs under) and store its password in an OS user environment variable, so that it's reasonably safe by default and cannot be checked in to source control.
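The file-plus-environment-variable approach from the answer above, as an added example that is not part of the original answer. It assumes a Linux host, a key stored as an encrypted PKCS#8 PEM file ("BEGIN ENCRYPTED PRIVATE KEY"), and two hypothetical environment variable names, APP_KEY_FILE and APP_KEY_PASSWORD:

```java
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;
import java.security.*;
import java.util.*;
import javax.crypto.*;
import javax.crypto.spec.PBEKeySpec;

public final class PrivateKeyLoader {
    // Fail closed unless the file belongs to the running user and has no group/other bits.
    static void requireOwnerOnly(Path keyFile) throws Exception {
        String owner = Files.getOwner(keyFile).getName();
        if (!owner.equals(System.getProperty("user.name")))
            throw new SecurityException(keyFile + " is owned by " + owner);
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(keyFile);
        if (!EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE).containsAll(perms))
            throw new SecurityException(keyFile + " has permissions " + perms);
    }

    // Decrypts a PKCS#8 "BEGIN ENCRYPTED PRIVATE KEY" PEM file into an RSA PrivateKey.
    static PrivateKey load(Path keyFile, char[] password) throws Exception {
        requireOwnerOnly(keyFile);
        String pem = new String(Files.readAllBytes(keyFile), StandardCharsets.US_ASCII);
        byte[] der = Base64.getDecoder().decode(
            pem.replaceAll("-----(BEGIN|END) ENCRYPTED PRIVATE KEY-----", "").replaceAll("\\s", ""));
        EncryptedPrivateKeyInfo info = new EncryptedPrivateKeyInfo(der);
        AlgorithmParameters params = info.getAlgParameters();
        // Some JDK versions report only a generic PBES2 identifier; the parameters carry the concrete name.
        String alg = info.getAlgName().startsWith("PBEWith") ? info.getAlgName() : params.toString();
        SecretKey pbeKey = SecretKeyFactory.getInstance(alg).generateSecret(new PBEKeySpec(password));
        Cipher cipher = Cipher.getInstance(alg);
        cipher.init(Cipher.DECRYPT_MODE, pbeKey, params);
        return KeyFactory.getInstance("RSA").generatePrivate(info.getKeySpec(cipher));
    }

    public static void main(String[] args) throws Exception {
        // APP_KEY_FILE and APP_KEY_PASSWORD are hypothetical variable names (assumption).
        String file = System.getenv("APP_KEY_FILE");
        String pass = System.getenv("APP_KEY_PASSWORD");
        if (file == null || pass == null)
            throw new IllegalStateException("APP_KEY_FILE and APP_KEY_PASSWORD must be set");
        char[] pw = pass.toCharArray();
        try {
            System.out.println("Loaded " + load(Paths.get(file), pw).getAlgorithm() + " private key");
        } finally {
            Arrays.fill(pw, '\0'); // clear our copy of the password
        }
    }
}
```

The loader refuses to start if the key file is owned by another user or has any group or world permission bits set, so a misconfigured deployment fails at startup instead of running with an exposed key.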
There are other options if you do not have an HSM, as mentioned above. They are:
For Vault:
For Stack Exchange Blackbox: