• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 218
  • Last Modified:

JKS to store upstart data

I'm wondering if its possible to use JKS as an alternative to zookeeper or databases..
im writing an app that has some important information that needs to be created upon startup, this information should be kept safe/secure/encrypted.  upon shutting down the app, i'd like the created info to be stored on disk, and next time server starts back up to load this info from .jks file... im pretty sure its possible but i've yet experience a situation where someoen stored more then just a hash/pw/private key in a .jks file...

i've read " The keystore a database which holds encrypted information and the information about how to decrypt it. If you do not specify a keystore, the default keystore to use is a file called .keystore in your home directory." from https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6/html/Administration_and_Configuration_Guide/Create_a_Java_Keystore_to_Store_Sensitive_Strings.html so hence my question.

thx for the feedback
0
Squadless
Asked:
Squadless
1 Solution
 
CEHJCommented:
Certainly using a keystore is the wrong tool for the job. But there's a bigger problem: you can't encrypt and store data securely in the same location you're proposing to keep the keys to do that. That's the main reason why professional applications do not have client-side databases

One way of doing it securely would be to make the user enter the secret into the gui on startup and then connect over SSL to the entity that would supply the data for the rest of the gui. The secret would not be stored anywhere on the client
0
 
SquadlessAuthor Commented:
on point as usual
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now