Desktop application and storing SSL certificate files

Time:08-16

How safe and correct is it to store a client SSL certificate just as a file in the directory along with the application (desktop client-server application)? As I understand it, this is not critical for TLS, but perhaps more critical for mTLS?

CodePudding user response:

SSL certificates are meant to be publicly distributed, as they contain "public" key details needed by the other party for the desired purpose (signature verification, encryption, etc.). So, it is okay to store SSL certificates however you wish from a cryptographic key material leakage point of view.

But SSL certificates contain some additional details, like your company information in the subject or SAN. If such details are sensitive to you, it makes sense to store them in a secure manner.

Additional Information:

If the question was about the SSL private key then it is fairly safe to store private keys encrypted with a strong passphrase.

But, a private key without a passphrase is a big NO.
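
As an added example (not part of the original answer), the distinction drawn above between certificates, passphrase-encrypted private keys and unencrypted private keys can be checked for the PEM files shipped beside an application. The function names, verdict strings and sample blocks are constructed for illustration; an `encrypted-key` verdict says nothing about passphrase strength, and DER or PKCS#12 files are not examined.

```python
import re
from pathlib import Path

# One PEM block: BEGIN/END framing with a matching label (RFC 7468).
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.DOTALL)

def classify_pem(text):
    """Return (label, verdict) for every PEM block found in text."""
    findings = []
    for label, body in PEM_BLOCK.findall(text):
        if label == "CERTIFICATE":
            verdict = "public"            # public key plus subject/SAN only
        elif label == "ENCRYPTED PRIVATE KEY":
            verdict = "encrypted-key"     # PKCS#8 wrapped with a passphrase
        elif label == "OPENSSH PRIVATE KEY":
            verdict = "inspect"           # cipher is inside the base64 blob
        elif label.endswith("PRIVATE KEY"):
            # Traditional OpenSSL PEM flags encryption in a Proc-Type header.
            hit = "Proc-Type: 4,ENCRYPTED" in body
            verdict = "encrypted-key" if hit else "plaintext-key"
        else:
            verdict = "other"
        findings.append((label, verdict))
    return findings

def scan_directory(root):
    """Map each file under root that holds PEM blocks to its findings."""
    report = {}
    for path in Path(root).rglob("*"):
        if path.is_file():
            found = classify_pem(path.read_text(errors="ignore"))
            if found:
                report[str(path.relative_to(root))] = found
    return report

def pem(label, headers=""):
    """Build a constructed PEM block; the body is filler, not a real key."""
    return f"-----BEGIN {label}-----\n{headers}Q09OU1RSVUNURUQ=\n-----END {label}-----\n"

# Constructed sample of what an application directory might contain.
SAMPLE = (pem("CERTIFICATE") + pem("ENCRYPTED PRIVATE KEY")
          + pem("RSA PRIVATE KEY", "Proc-Type: 4,ENCRYPTED\n"
                "DEK-Info: AES-256-CBC,00000000000000000000000000000000\n\n")
          + pem("PRIVATE KEY"))

if __name__ == "__main__":
    for label, verdict in classify_pem(SAMPLE):
        print(f"{verdict:14} {label}")
```

Any file reported as `plaintext-key` is the case the answer calls "a big NO".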
