Salesforce B2C Commerce 24.7 > B2C Commerce Security Guide > Security Best Practices for Administrators > Secure Storage

Private Keys and Certificates

In various scenarios, you need to import your 3rd party certificates and private keys into your instanceโ€™s keystore. A keystore can store multiple entries, each of which can be of type PrivateKeyEntry or of type TrustedCertificateEntry. This is similar to the terminology used by java.security.KeyStore.

Note: Salesforce B2C Commerce uses an internal password to encrypt the instanceโ€™s keystore.

Private Key Entry

Each PrivateKeyEntry in an instanceโ€™s keystore holds the private key and its corresponding public key. This set of keys is used to communicate with external web services and to transfer files from your instanceโ€™s WebDAV client to external WebDAV servers. Custom code that uses a KeyRef or CertificateRef parameter use these keys when encrypting or decrypting data, for example, custom code used to encrypt or decrypt data.

Note: The certificate needed for the eCDN is imported separately to the eCDNโ€™s keystore and not to the instanceโ€™s keystore.

Trusted Certificate Entry

Each TrustedCertificateEntry in an instanceโ€™s keystore holds the public key certificates that are used to validate server certificates when establishing outbound SSL connections. By default, B2C Commerce recognizes only the root CAs that ship with Oracle's Java platform. However, you can import a CA certificate to the instanceโ€™s keystore.

Certificate Rotation

The rotation of certificates, and their corresponding private keys, is important for a variety of reasons, including dealing with expired certificates, revoked certificates, or private key compromise. If a certificate expires, certificate rotation is required to continue using the certificate to secure your communications. If a certificate is revoked or a private key is compromised, certificate rotation is required to prevent an attacker from abusing the certificate.

If you use certificate rotation to protect data at rest using custom code, then the situation is more complex because you must deal with data that was encrypted with the previous key.

Follow these steps to handle this situation.

  1. Generate a new key.
  2. Identify the data encrypted with the old key.
  3. Decrypt the data with the old key.
  4. Re-encrypt the data with the new key.
  5. Delete the old key and the data encrypted with the old key.

Retain the old key in case data that was encrypted with the old key wasnโ€™t identified in this process.

Related tasks
Import 3rd Party Private Keys and Certificates for an Instance
Add a SSL Certificate to an eCDN Zone and Configure DNS Mapping

Infocenter Retirement: On June 30, 2023, the Infocenter was retired, and documentation currently hosted on the Infocenter will be published to Salesforce Help, Commerce Cloud Developer Center, and Salesforce B2C Commerce Developer Documentation Resources. For more information, see the release note.