We really do not want to be putting the p12 file out on the filesystem. There ought to be another way to provide the p12 file as a byteArray, InputStream, etc other than the keysDirectory setting. This is java after all. We are storing the file encrypted in our database to keep it out of our infrastructure code, application code and build artifacts. We are going to have to write it out unencrypted somewhere to the filesystem just so cybersource can read it in and that's against our security policies.
We really do not want to be putting the p12 file out on the filesystem. There ought to be another way to provide the p12 file as a byteArray, InputStream, etc other than the keysDirectory setting. This is java after all. We are storing the file encrypted in our database to keep it out of our infrastructure code, application code and build artifacts. We are going to have to write it out unencrypted somewhere to the filesystem just so cybersource can read it in and that's against our security policies.