How is this private key encription approach?
I am trying to use private key encription to protect the data in my database at my site http://www.stlouisccc.org/ which is host by a provider. However, if is not really safe to save the key on the host machine. I am planning to enter the key through a form on a webpage and save the key in the memory. With this approach, enen if a hacker copies the entire application, the data remains encripted. The drawback is that I have to enter the key everytime the JSP server is restarted for any reason. Is this a bad idea?