Where to store password for keystore?

 
Ranch Hand
Posts: 31
I have primary keys etc. stored in a Java key store and I have hard-coded the password for the keystore for now, but I am thinking of storing that password in a text file in encrypted form. The architect of my team does not want to store the password for the keystore in the database, so now I need a two-way hashing algo to store the password in a text file and then read it back at server start.

Any idea where I can get a two-way hashing algo in Java?

Or are there any other better means to store the password for the key store?
 
Ranch Hand
Posts: 2308
To access the keystore you need a password. Are you talking about that password?

You can use MD5 to create a message digest; that is hashing.
One more thing: I guess you are aware that hashing is a one-way process; you cannot reverse it to retrieve the original password.
 
Rancher
Posts: 43081
Yes, hashing is a one-way process. What you're talking about is encryption (which can be reversed, given the password).

But to encrypt the password (and later decrypt it), you'd need another password, which you would need to store in cleartext somewhere. And so on, and so on. So I don't think encrypting the keystore password buys you much (or any) security.

But since this is a server application, what problem do you see with storing the keystore password in cleartext in some file? Are the system admins untrusted? Or do you fear the system getting compromised from the outside?
 
Shariq Roomi
Ranch Hand
Posts: 31
Thanks, guys. If the server gets compromised then we would have a problem, so this is the reason we do not want to keep the password in plain text.
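
The option raised in the reply above (keystore password in a plain file, protected by file permissions instead of another layer of encryption), as an added example that is not part of the original thread. It assumes a POSIX file system and Java 7 or later; the class name `KeystoreLoader` and both file paths are hypothetical.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.Set;

public class KeystoreLoader {  // hypothetical name, not from the thread
    private static final Set<PosixFilePermission> OWNER_ONLY = EnumSet.of(
            PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE);

    /** Reads the password, refusing any file that is not owner-only (mode 600 or 400). */
    static char[] readPassword(Path file) throws IOException {
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(file);
        if (!OWNER_ONLY.containsAll(perms)) {
            throw new SecurityException(file + " must be owner-only, found " + perms);
        }
        byte[] raw = Files.readAllBytes(file);
        CharBuffer chars = StandardCharsets.UTF_8.decode(ByteBuffer.wrap(raw));
        Arrays.fill(raw, (byte) 0);               // wipe the raw bytes
        int len = chars.remaining();
        while (len > 0 && (chars.get(len - 1) == '\n' || chars.get(len - 1) == '\r')) {
            len--;                                // drop the trailing newline editors add
        }
        char[] password = new char[len];
        chars.get(password, 0, len);
        if (chars.hasArray()) Arrays.fill(chars.array(), '\0');
        return password;
    }

    /** Opens the keystore at server start and wipes the password afterwards. */
    static KeyStore load(Path keystore, Path passwordFile)
            throws IOException, GeneralSecurityException {
        char[] password = readPassword(passwordFile);
        try (InputStream in = Files.newInputStream(keystore)) {
            KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
            ks.load(in, password);
            return ks;
        } finally {
            Arrays.fill(password, '\0');          // key entries will need it supplied again
        }
    }
}
```

The permission check limits which accounts on the host can read the password; a process running as the owning account can still read it, which is the limit the reply describes.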
 