Best practice for placing private keys in APIgee

Not applicable

Hi,

Can someone advice on the best place for placing private keys for message signing.

We are planning to store them in KVM right now in encoded form and using a Java callout policy to access it and sign a message.

The org is in public cloud.

Thanks,

Jaskaran

Solved Solved
0 3 841
1 ACCEPTED SOLUTION

akoo
Participant V

Hello all, I wanted to add an important note: encrypted KVMs are here. Details are in our documentation: http://docs.apigee.com/api-services/reference/key-value-map-operations-policy . You now have an option for encrypted data without having to use Node.js.

View solution in original post

3 REPLIES 3

Not applicable

Hi @Maruti Chand,

Thanks for the response. But the problem with this is making node as the target. Of course we will wait for the Vault policy to be available.

I also feel the key is as secure in jar(if not less) as in KVM.

Thanks,

Jaskaran

akoo
Participant V

Hello all, I wanted to add an important note: encrypted KVMs are here. Details are in our documentation: http://docs.apigee.com/api-services/reference/key-value-map-operations-policy . You now have an option for encrypted data without having to use Node.js.