GSKit security considerations
If an attacker obtains access to the private keys the associated certificates can't be trusted, compromising the servers that depend on them. You can help protect the key database file by:
- Using a strong password for your key database file.
- Protecting the stored password file (the .sth file) using the file system's security mechanisms if you use the GSKit stashed password feature. For example, you can set the file permissions to restrict access to this file to certain users.
- Restricting file system access to the key database file (the .kdb file) so that it is only readable by the users that run an application that uses the key database.
If you manage your own Certificate Authority, you must ensure that any certificate signing request comes from an identity that is authorized to access the resource the requested certificate is for. The trustworthiness of certificates issued by the Certificate Authority is only as good as the process used to verify the identity of the requester.