Store digital certificate on Server

Asked

Viewed 552 times

2

I am creating an application that will work and manage digital certificate of customers.

The idea is to import the customer’s certificate and I leave available subscription and transmission methods for Sefaz for example. But for those who understand digital certificate know that among the most common are A1(file) and A3(Token).

In my application I decided to meet only A1 because of the import practicality.

My question is about security, because when the client imports the certificate in my system I store this certificate in the server in the Database or Disk?

And I’m also concerned about the possibility of a hacker attack on the server. For those who understand digital certificate knows how much is a serious thing and can not be in the hands of anyone.

What would be the best way in this situation ?

java spring spring-boot certified

1 answer

2

I think the best solution is to store in database, saving the base64 certificate in a string.

So you can encrypt the certificate and password.

I work this way in my projects with digital certificate.

So all the security criteria in your database will help you.

  • That’s an approach I can use, but I’ll have a lot of certificates on my power that leaves me a little concerned about security. I think I’ll use this approach of encrypting the certificate in Base64, thank you !

  • I’m also very concerned about this, but there are other things you should implement for security. as a good authentication server even the place where your database will be hosted

  • A detail, if the answer answered you, please accept it by clicking on V. Thank you!

Browser other questions tagged java spring spring-boot certified

You are not signed in. Login or sign up in order to post.