问题
My web application have a continuously running service to send a report to a ftp server, the file need to be encrypted by using a Public Key. Thus my question is where should I store the Public Key? I only have one Public Key so using an advanced Key Store seems to be overkill?
Should I just manually create a folder on the server and store it in there?
回答1:
Storage of the public key (or more likely a certificate containing it) isn't the part that matters. What matters is the location of the private key. That should be located in storage which is ideally only accessible by the web application.
回答2:
A public key can be read by anybody, by definition. Therefore it is not a security issue to have it available for everybody.
回答3:
If this key is public you can store it anywhere. Folder is ok.
来源:https://stackoverflow.com/questions/4202672/where-should-i-store-the-public-key