[Openid-specs-fapi] Securing server keys
Anders Rundgren
anders.rundgren.net at gmail.com
Wed Oct 6 05:35:00 UTC 2021
Hi List;
This is an off-topic posting but maybe you guys have an idea about this anyway? :)
There are tons of applications out there that depend on private or secret keys for securing server-to-server communication.
This is a typical configuration:
// Application certificate
cert: fs.readFileSync('cert.crt'),
// Private key associated with application certificate
key: fs.readFileSync('key.pem'),
// Public certificate chain.
ca: fs.readFileSync('ca.pem'),
Open question: How do you envision that this problem could be addressed?
thanx,
Anders
More information about the Openid-specs-fapi
mailing list