How to deal with public and private key in a Spring Boot application? I would like to verify messages between clients with private and public key signatures in a Spring Boot application. What is the best way to do this? Any best practices?