application password management RRS feed

  • Question

  • Hi,

    We have a client/server application. They communicate using SSL. The client and server authenticate each other. The server is an automated application, which runs as a service during windows start-up. This server application needs to load the server certificate which is encrypted using a key. How the server application can manage this key? I know that, storing the key in the application binary is not a good idea. It is not safe to store it in the file system also. Does windows provide some mechanism for storing and retrieving passwords for applications? or what is the right way to solve this kind of problems?





    Monday, June 20, 2011 11:07 AM

All replies