Client certificate based encryption

Posted by Timo Willemsen on Server Fault See other posts from Server Fault or by Timo Willemsen
Published on 2011-06-22T21:44:37Z Indexed on 2012/07/11 15:18 UTC
Read the original article Hit count: 300

Filed under:

security

|

website

|

encryption

I have a question about security of a file on a webserver. I have a file on my webserver which is used by my webapplication. It's a bitcoin wallet. Essentially it's a file with a private key in it used to decrypt messages.

Now, my webapplication uses the file, because it's used to recieve transactions made trough the bitcoin network. I was looking into ways to secure it. Obviously if someone has root access to the server, he can do the same as my application. However, I need to find a way to encrypt it.

I was thinking of something like this, but I have no clue if this is actually going to work:

Client logs in with some sort of client certificate.
Webapplication creates a wallet file.
Webapplication encrypts file with client certificate.
If the application wants to access the file, it has to use the client certificate.

So basically, if someone gets root access to the site, they cannot access the wallet. Is this possible and does anyone know about an implementation of this?

Are there any problems with this? And how safe would this be?

© Server Fault or respective owner

Related posts about security

sudo apt-get update errors

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Here is what I get on my terminal when running sudo apt-get update errors. I dont know if the issue is from my sources.list or my proxy setup(have not made any changes to proxies). Thank you for any help in advanced. Ign http://security.ubuntu.com oneiric-security Release.gpg Ign http://security… >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Devx - Search for 'Devx'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Internet.com - Search for 'Internet.com'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
StackOverFlowError while creating Mac object on AS400/Java

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am a newbie to AS400-Java programming. I am trying to create my first program to test the implementation of Message Authentication Code (MAC). I am trying to use the HMACSHA1 hash function. My (Java 1.4) program runs fine on a dev box (V5R4).But fails terribly on the QA box (V5R3). My… >>> More
Google App Engine - Spring Security Issue (java.security.AccessControlException)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm currently getting the AccessControlException below when I deploy to app engine (I don't see it when I run in my local environment). I'm using GAE 1.3.1, Spring 3.0.1, and Spring Security 3.0.2. Any ideas how to get around this issue? It appears to be an issue with Spring Security trying to get… >>> More

Related posts about website

Need help redirecting http://website.com/ to http://www.website.com/

as seen on Stack Overflow - Search for 'Stack Overflow'
What I'm trying to do is to redirect my website visitors who enter "website.com" to "www.website.com". I would do this with a standard redirect, but I don't know how to make a site specific to WWW or non-WWW addresses. I see that Firefox thinks my site is clearly different at the WWW version, because… >>> More
Official BETA release of Developer IT

as seen on Developer IT - Search for 'Developer IT'
We finally did it It’s been a week since our first online publish and our indexer robot is going as well as the website. We already have reach more than 20,000 articles and it’s only the begining. Stay tune on http://www.developerit.com/ >>> More
Get Visitors to Your Website Using Website Building Tips

as seen on Ezine Articles - Search for 'Ezine Articles'
Before building a website there are many things that you need to take in mind. For example, how are you going to design your website, what is it going to cost you, how long will it take you to build, etc. All of these things mentioned are important aspects to consider when designing a website, but… >>> More
Website Optimization - Requirement of Every Website

as seen on Ezine Articles - Search for 'Ezine Articles'
Website optimization is now days a must for each and every website to be on the top at search engines result pages. Also it has become a vital method to drive traffic to the website. >>> More
Website Basics - Planning Your Website

as seen on Ezine Articles - Search for 'Ezine Articles'
A website begins with an idea. You probably have an idea for a site and that is the reason that you are exploring your options more. Or you may be looking to getting into Internet Marketing and need to know what is involved in getting a site up and running. >>> More