Adobe Experience Manager Sites & More

andyshreve · 9/10/21

I'm working on an AEM 6.5.9 servlet that needs to use a PKCS8 format private key to sign a JWT for a third-party application. This is not related to setting up SSL or other Adobe services. Can the private key file be stored in the crx-quickstart folder or is there a different preferred approach? And how do folks store private keys inside AEM as a Cloud Service?

rocks · 9/10/21

I would prefer to store this key under your java project as a resource file, package it as bundle and load it as when needed. Storing it on crx-quickstart exposes the private key and it is not secure.

View solution in original post

rocks · 9/10/21

I would prefer to store this key under your java project as a resource file, package it as bundle and load it as when needed. Storing it on crx-quickstart exposes the private key and it is not secure.