Expand my Community achievements bar.

SOLVED

What is the best practice for storing a private key?

Avatar

Level 4
Level 4
9/10/21 5:02:46 PM

I'm working on an AEM 6.5.9 servlet that needs to use a PKCS8 format private key to sign a JWT for a third-party application. This is not related to setting up SSL or other Adobe services. Can the private key file be stored in the crx-quickstart folder or is there a different preferred approach? And how do folks store private keys inside AEM as a Cloud Service?

Views

943

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 2
Level 2
9/10/21 5:09:20 PM

I would prefer to store this key under your java project as a resource file, package it as bundle and load it as when needed. Storing it on crx-quickstart exposes the private key and it is not secure.

View solution in original post

Views

939

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Level 2
Level 2
9/10/21 5:09:20 PM

I would prefer to store this key under your java project as a resource file, package it as bundle and load it as when needed. Storing it on crx-quickstart exposes the private key and it is not secure.

Views

940

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
MSM feature implementation for Experiecne Fragments Solved

Views

90

Likes

0

Replies

1
Target language is not showing single language code Solved

Views

153

Likes

0

Replies

5
Not able to create a site using Blue print Solved

Views

134

Likes

0

Replies

2
Is it possible to have a AEMaaC site using a mix of standard core components and react components? Solved

Views

127

Likes

0

Replies

3
How to fetch Users of a group, through Javascript Code

Views

99

Likes

0

Replies

2