Encrypting push certificate private keys

[jessepeterson]

Currently we simply store the push certificate private key in the storage backend. We don't worry about how it is stored—leaving that up to the storage backend.

However, does it make sense to encrypt the APNs push certificate private key when we store it and load it from the storage backend? Should this be done with other fields?

[alwatts]

Yes I think it makes sense to encrypt the private keys for the following reasons:

• If scaling horizontally, chances are a database on another host/VM will be used. Encrypting the private key allows the key material to be separate from its password.
• Assists with the security of database backups in the same way.