开发者

Storing SSL cert in source control

Would there be a security issue with storing the SSL cert for your web app in the source code repository, SO LONG AS you were NOT storing your private key as well?

I'm a little spoiled by how easy it is to use source control to make a backup of such things, and want to make the most of it, but I also don't want to b开发者_运维技巧e sloppy about its use, or endanger security.


No. The certificate is public; the server will present it during every SSL handshake, and some CAs even maintain a public repository of all of the certificates they issue. There's no need to try to keep a certificate secret.

The private key, on the other hand, must be kept secret. And, if you were trying to authenticate someone ("two-way SSL" or client authentication), you would need to integrity protection for your root certificates. If you were to store this material in your revision control system, it should be protected with strong password.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜