2
I am creating an application that will work and manage digital certificate of customers.
The idea is to import the customer’s certificate and I leave available subscription and transmission methods for Sefaz for example. But for those who understand digital certificate know that among the most common are A1(file) and A3(Token).
In my application I decided to meet only A1 because of the import practicality.
My question is about security, because when the client imports the certificate in my system I store this certificate in the server in the Database or Disk?
And I’m also concerned about the possibility of a hacker attack on the server. For those who understand digital certificate knows how much is a serious thing and can not be in the hands of anyone.
What would be the best way in this situation ?
That’s an approach I can use, but I’ll have a lot of certificates on my power that leaves me a little concerned about security. I think I’ll use this approach of encrypting the certificate in Base64, thank you !
– JeanKBN
I’m also very concerned about this, but there are other things you should implement for security. as a good authentication server even the place where your database will be hosted
– Rodrigo K.B
A detail, if the answer answered you, please accept it by clicking on V. Thank you!
– Rodrigo K.B