Reputation: 164
I want to store a private certificate file so I can use it to validate user files, but where can I store it privately? Should I store it in the storage/app folder or somewhere else?
Upvotes: 4
Views: 2569
Reputation: 1310
It mostly depends on where you deploy your app.
Option 1 - application in a cloud: If you deploy your app in a cloud the solution is really simple. Just take advantage of services designed for secrets management (e.g. AWS Secrets Manager).
Option 2 - custom infrastructure:
In this case, you have 2 options. You can either store your key/cert in a security manager installed locally (e.g. Knox) or as plaintext somewhere on your server. In the latter case, it doesn't matter where exactly you store it. It is only important that this location is not publicly accessible. The storage/app is OK. Just make sure it's not storage/app/public :)
Upvotes: 2
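A deployment check for the "not publicly accessible" condition in the answer above, as an added example that is not part of the original thread. It assumes a Laravel-style layout where `public/` is the web root and may contain symlinks (such as `public/storage` pointing at `storage/app/public`), and that GNU `realpath` is available; the function name `is_exposed` is hypothetical.

```shell
#!/bin/sh
# Added example: fail a deploy if a key/cert file is reachable from the web root.
# Assumption: APP_ROOT/public is the only directory the web server serves.

# is_exposed APP_ROOT FILE
#   exit 0 -> FILE is inside the web root or inside the target of a symlink in it
#   exit 1 -> FILE is not reachable that way
#   exit 2 -> a path could not be resolved
is_exposed() (
  root=$(realpath -- "$1") || exit 2
  file=$(realpath -- "$2") || exit 2
  webroot="$root/public"

  # Case 1: the file physically lives under public/.
  case "$file" in "$webroot"/*) exit 0 ;; esac

  # Case 2: a symlink under public/ resolves to the file or to a parent directory
  # of it. This is how storage/app/public ends up served as /storage.
  hit=$(find "$webroot" -type l 2>/dev/null | while IFS= read -r link; do
    target=$(realpath -- "$link") || continue
    case "$file" in "$target"|"$target"/*) echo "$link"; break ;; esac
  done)
  [ -n "$hit" ] && exit 0
  exit 1
)

# Command-line use: sh check_key.sh /var/www/app /var/www/app/storage/app/signing.pem
# (both paths here are constructed examples)
if [ "$#" -eq 2 ]; then
  is_exposed "$1" "$2"; rc=$?
  case $rc in
    0) echo "EXPOSED: $2 is reachable under $1/public" >&2; exit 1 ;;
    1) echo "OK: $2 is outside the web root" ;;
    *) echo "ERROR: could not resolve $1 or $2" >&2; exit 2 ;;
  esac
fi
```

This only checks reachability through the web root; file ownership and mode on the key file are a separate check.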