Keys need to be stored securely with similar configuration to the filestore.
Ideally a keystore would:
- Reside on an encrypted storage device
- Be encrypted by a server-side key
- Contain an AES key encrypted client-side
- Be easily indexed and searchable
- Be only readable by the application's running user
Keys need to be stored securely with similar configuration to the filestore.
Ideally a keystore would: