Java™ by example!
What is a keystore?
A keystore is a database (usually a file) that can contain trusted certificates and combinations of private keys with their corresponding certificates.

- trusted certificates: these are certificates from the entities you trust, for example a certificate from Thawte. Trusted certificates are used to validate other certificates. For example, suppose you have a certificate A signed by Thawte and you want to check it for trustworthiness. Certificate A contains: a public key, some identification information about the certificate (name, etc.), a digital signature (calculated by the one that is vouching for the certificate, in this case Thawte), and some identification information about the voucher. Now you can extract the digital signature from A and decrypt it with the public key from Thawte (stored in the keystore as a trusted certificate) to check the validity of the public key of A.
- private keys/certificates: each entry is a public key certificate together with its corresponding private key.

To create a keystore containing a self-signed certificate:
The keystore containing the trusted certificates is located at JRE_HOME/lib/security/cacerts. You can list its contents:
Author of answer: Joris Van den Bogaert
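
An added example (not part of the original answer): a small Java program that lists a keystore's contents and labels each entry as a trusted certificate or a key entry, the two kinds described above. It assumes Java 9 or later, the cacerts file under `java.home`, and the default cacerts password `changeit`; the class name `ListKeystore` is made up for this example.

```java
import java.io.File;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;

public class ListKeystore {
    public static void main(String[] args) throws Exception {
        // Assumption: default truststore location and default password "changeit".
        // Pass a path and a password as arguments to inspect another keystore.
        String path = args.length > 0 ? args[0]
                : System.getProperty("java.home") + "/lib/security/cacerts";
        char[] password = (args.length > 1 ? args[1] : "changeit").toCharArray();

        // getInstance(File, char[]) (Java 9+) detects the keystore type and loads the file.
        KeyStore ks = KeyStore.getInstance(new File(path), password);
        Date now = new Date();
        int trusted = 0, keyEntries = 0;

        for (String alias : Collections.list(ks.aliases())) {
            String kind;
            if (ks.isCertificateEntry(alias)) { kind = "trustedCertEntry"; trusted++; }
            else if (ks.isKeyEntry(alias)) { kind = "keyEntry"; keyEntries++; }
            else { kind = "other"; }
            System.out.println(alias + " [" + kind + "]");

            // For a private key entry this is the first certificate of its chain;
            // for a secret key entry it is null and the block below is skipped.
            Certificate cert = ks.getCertificate(alias);
            if (cert instanceof X509Certificate) {
                X509Certificate x = (X509Certificate) cert;
                boolean selfIssued = x.getSubjectX500Principal().equals(x.getIssuerX500Principal());
                System.out.println("  subject: " + x.getSubjectX500Principal().getName());
                System.out.println("  issuer:  " + x.getIssuerX500Principal().getName()
                        + (selfIssued ? " (self-issued)" : ""));
                System.out.println("  expires: " + x.getNotAfter()
                        + (x.getNotAfter().before(now) ? "  ** EXPIRED **" : ""));
            }
        }
        System.out.println(trusted + " trusted certificate(s), " + keyEntries + " key entry(ies)");
    }
}
```

Run against cacerts, every entry should come back as `trustedCertEntry`; a key entry in that file, or an expired root, is worth investigating.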