I'm going to be encrypting some fields in my database using AES_ENCRYPT() and AES_DECRYPT(), and connecting to my webpage using SSL.
The point of the exercise is that my application will be hosting some very sensitive user information that nobody else - and that should include me or anyone else who somehow gains administrative access to the server - can read.
I understand the basic concepts of public shared key encryption - but something I don't get is where you are supposed to store the "key" string that AES_ENCRYPT/DECRYPT needs. That seems like the weakest link in the chain, and no matter how strong the encryption is, if the key is easily retrievable it all pretty much counts for nothing.
So how and where am I supposed to store the key for doing the encryption/decryption?