Where to store service certificates and their associated private key?

certificate ssl ssl-certificate

Reading this explanation on /var/lib and this answer was very helpful.

It appears that the right place to store certificates and private keys generated and renewed by my program is in /var/lib/<program-name> with sub-directories certs and private.

Related

cloning with dd - is non-partitioned space considered the same as empty space within filesystem for resulting image size?
Hyper-V Cluster 2019 suggestion for requirements [closed]
Where to put ansible pub key from linux host on Windows target?
initial cisco nexus setup without serial cable
Cannot reach keepalived VIP from other machines in the same network
Is there a variable containing the domain name in nginx?
How to change datadir for MariaDB?
How can I disable users in "domain admins" group from running sudo?
Rewrite image request to sub-directory structure in Nginx
Where does tcpdump get the source IP from for a TCP packet?
Alpine ping: operation not permitted
Is there a way to get current txqueue utilization on e.g. eth0 or tun device?