X509 certificate storage in DB - Yea or Nay?

I need to store public key certificates and one private key certificate for my own application.

One member of our team suggested storing X509 certificates in a database, rather than storing them in the Windows certificate store, as we have done so far. I do not like to reinvent the wheel, but I should at least consider this idea. This will mean that our data is more centralized, which is good, I suppose.

The initial barriers that I see are as follows:

  • The private key still needs to be stored somewhere, and I don't know if its support in the form of a public key is good. I also don't like the idea of creating a table for one item. Maybe just save the private key as a local file? (e.g. a .pfx file).
  • Revocation lists. We would probably need to create a process to handle revoked public keys.

I don't have much experience with X509 certificates, so my question is: are there any other problems that we are likely to encounter storing public key certificates in the database, instead of going to the Windows certificate store?

It should be borne in mind that this application will be released on several servers of business clients, so storing all the data in one place will simplify the backup. Oh, and the corresponding home application is being developed in C#.

Thanks!

+3
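To make the two designs in the question concrete, here is an added C# example (not code from the original post or from any answer) showing both access paths side by side: reading a certificate from the Windows certificate store, and round-tripping the public certificate through a byte column while the private key stays in a PFX/PKCS#12 file rather than in a table. It also shows the revocation check the question worries about: when certificates live in your own table, nothing else checks CRLs for you, so the application has to build a chain with online revocation itself. The store name, thumbprint, file path and password are placeholders.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;

// Added example. Thumbprint, PFX path and password are placeholders, not values from the post.
public static class CertificateAccess
{
    // Path A: the Windows certificate store. The private key is protected by the OS
    // (DPAPI/CNG); the application only ever holds a handle, never raw key bytes.
    public static X509Certificate2 FromWindowsStore(string thumbprint)
    {
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            var matches = store.Certificates.Find(
                X509FindType.FindByThumbprint, thumbprint, validOnly: false);
            if (matches.Count == 0)
                throw new InvalidOperationException("Certificate not found in LocalMachine\\My");
            return matches[0];
        }
        finally
        {
            store.Close();
        }
    }

    // Path B: database storage. Only the public certificate (DER, no key material)
    // goes into the table; a VARBINARY/BLOB column holds exactly these bytes.
    public static byte[] ToDbBlob(X509Certificate2 cert) =>
        cert.Export(X509ContentType.Cert);

    public static X509Certificate2 FromDbBlob(byte[] der) =>
        new X509Certificate2(der);

    // The one private key stays outside the database, in a password-protected PFX file,
    // as the question suggests. MachineKeySet keeps the imported key under the machine
    // profile so a service account can use it without a user profile being loaded.
    public static X509Certificate2 PrivateKeyFromPfx(string pfxPath, string password) =>
        new X509Certificate2(pfxPath, password, X509KeyStorageFlags.MachineKeySet);

    // Revocation handling for certificates that bypass the Windows store: build the chain
    // with online CRL/OCSP checking and treat "status unknown" as a failure, not a pass.
    public static bool IsTrustedAndNotRevoked(X509Certificate2 cert, out string detail)
    {
        var chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
        chain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
        chain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;
        chain.ChainPolicy.UrlRetrievalTimeout = TimeSpan.FromSeconds(10);

        bool built = chain.Build(cert);
        detail = string.Empty;
        foreach (var status in chain.ChainStatus)
        {
            detail += $"{status.Status}: {status.StatusInformation}\n";
            // An unreachable CRL yields RevocationStatusUnknown; Build() already returns
            // false for it under NoFlag, but make the policy explicit for readers.
            if (status.Status == X509ChainStatusFlags.Revoked ||
                status.Status == X509ChainStatusFlags.RevocationStatusUnknown)
                built = false;
        }
        chain.Reset();
        return built;
    }

    public static void Main()
    {
        // Placeholder thumbprint: replace with the real one for the server certificate.
        var fromStore = FromWindowsStore("0000000000000000000000000000000000000000");

        // Round-trip the public certificate through the bytes a DB column would hold.
        var blob = ToDbBlob(fromStore);
        var fromDb = FromDbBlob(blob);
        Console.WriteLine($"Same certificate after DB round-trip: {fromDb.Thumbprint == fromStore.Thumbprint}");
        Console.WriteLine($"Private key travelled with the blob: {fromDb.HasPrivateKey}"); // False by design

        bool ok = IsTrustedAndNotRevoked(fromDb, out string detail);
        Console.WriteLine($"Trusted and not revoked: {ok}\n{detail}");
    }
}
```

Two design points worth noting: `Export(X509ContentType.Cert)` never includes key material, so a leaked table row exposes nothing secret; and with `RevocationMode.Online` the chain build will fail closed when a CRL distribution point is unreachable, which is usually what you want for a server-side application but means the deployment needs outbound access to the issuing CA's CRL/OCSP endpoints.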
2 answers

What is the purpose of your application?

PKCS # 12, , , .

Windows Crypto API , , , . , , , - (HSM).

, , . .

+3

, . , , , . , , . , , , Microsoft .

, AES , HSM (Hardware Security Module), -. ( ).

. SSL VPN ..

, , LDAP .

+1

Source: https://habr.com/ru/post/1697926/
