Monday, December 17, 2012

Key Stores and Trust Stores

A Key Store is a database (usually a disk file) that stores private/public keys and certificates, which can be used for signing, encrypting and establishing trust.

However, for the sake of clarity, two separate files are usually used:

One for storing private keys, certificates and their corresponding public keys, which is generally called the Key Store.

And another to store the certificates of trusted parties (these can include certificates from Certificate Authorities) and their public keys, which is called a Trust Store.

In Java, these stores use the .jks file extension, and both file types are accessed through the KeyStore class.

Key stores can be created with the Java keytool command.
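The two-file split described above, carried through with keytool as an added example (not from the original post). The aliases, file names, distinguished name and the `changeit` password are constructed sample values, and the entry-type strings matched by `grep` assume keytool's English `-list` output.

```shell
#!/bin/sh
# Added example: key store vs. trust store with keytool.
# Constructed sample values: aliases, file names, DN, password.
STOREPASS=changeit   # demo only; keytool also accepts -storepass:env / :file

# Create keystore.jks (private key + certificate) and truststore.jks
# (certificate only) in the directory given as $1.
make_stores() {
    dir=$1
    # 1. Key store: RSA key pair with a self-signed certificate.
    keytool -genkeypair -alias server -keyalg RSA -keysize 2048 \
        -dname "CN=server.example.test" -validity 30 \
        -keystore "$dir/keystore.jks" -storetype JKS \
        -storepass "$STOREPASS" -keypass "$STOREPASS" >/dev/null 2>&1
    # 2. Export the certificate only; the private key never leaves the key store.
    keytool -exportcert -alias server -rfc -file "$dir/server.crt" \
        -keystore "$dir/keystore.jks" -storepass "$STOREPASS" >/dev/null 2>&1
    # 3. Trust store: import that certificate as a trusted entry.
    keytool -importcert -noprompt -alias trusted-server \
        -file "$dir/server.crt" -keystore "$dir/truststore.jks" \
        -storetype JKS -storepass "$STOREPASS" >/dev/null 2>&1
}

# Print how many entries of type $2 (PrivateKeyEntry or trustedCertEntry)
# the store $1 contains, based on `keytool -list`.
count_entries() {
    keytool -list -keystore "$1" -storepass "$STOREPASS" 2>/dev/null |
        grep -c "$2" || true
}

# Succeed only if store $1 holds no private keys, as a trust store should.
audit_trust_store() {
    if [ "$(count_entries "$1" PrivateKeyEntry)" -ne 0 ]; then
        echo "FAIL: $1 contains private key entries" >&2
        return 1
    fi
    echo "OK: $1 holds $(count_entries "$1" trustedCertEntry) trusted certificate(s)"
}
```

Run `make_stores "$(mktemp -d)"` and then `audit_trust_store` on each file: it passes for `truststore.jks` and fails for `keystore.jks`, which is the file that must stay private.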


