A KeyStore and a Trust Store are not two different kinds of storage. Physically they are the same; they are named differently because of the context in which they are used.

A Trust Store is also a KeyStore, but it contains only the trusted public certificates of other parties. It does not contain any private key.

A KeyStore, by contrast, contains private keys and the certificates with their corresponding public keys.

In short: if a KeyStore contains only public certificates, we can call it a Trust Store.

The most common type of public certificate is the CA certificate, which is the public certificate of a Certificate Authority. If an entity trusts a CA certificate, it can trust all the public certificates signed by that CA. So a Trust Store mainly contains CA certificates rather than individual public certificates.

The most common and popular trust store is cacerts, which ships by default with the Java installation. You can find it in the "/lib/security" directory. The default password of cacerts is changeit.

>keytool -list -keystore /jre/lib/security/cacerts

cacerts contains the most common trusted CA certificates available on the internet.

When you run a Java-based program, cacerts is set as the default Trust Store.
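
The distinction above can be checked programmatically. The following is an added example, not code from the original post: it loads any store, reports which entries are key entries and which are certificates, and flags CA certificates. The class name StoreRole is hypothetical, and the default path (the running JRE's lib/security/cacerts under the java.home system property) and the default password are assumptions used when no arguments are given.

```java
import java.io.File;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

public class StoreRole {
    public static void main(String[] args) throws Exception {
        // Assumption: with no arguments, inspect the running JRE's own cacerts file.
        File path = new File(args.length > 0 ? args[0]
                : System.getProperty("java.home") + "/lib/security/cacerts");
        char[] password = (args.length > 1 ? args[1] : "changeit").toCharArray();

        // KeyStore.getInstance(File, char[]) (Java 9+) detects the store type and loads it.
        KeyStore store = KeyStore.getInstance(path, password);

        int keyEntries = 0, caCerts = 0, otherCerts = 0;
        for (String alias : Collections.list(store.aliases())) {
            if (store.isKeyEntry(alias)) {
                // Private (or secret) key material: the store holds an identity, not just trust.
                keyEntries++;
                System.out.println("KEY   " + alias);
            } else if (store.isCertificateEntry(alias)) {
                Certificate cert = store.getCertificate(alias);
                // getBasicConstraints() returns -1 unless the certificate is marked as a CA.
                boolean isCa = cert instanceof X509Certificate
                        && ((X509Certificate) cert).getBasicConstraints() >= 0;
                if (isCa) caCerts++; else otherCerts++;
                System.out.println((isCa ? "CA    " : "CERT  ") + alias);
            }
        }

        System.out.printf("%s: %d key entries, %d CA certificates, %d other certificates%n",
                path, keyEntries, caCerts, otherCerts);
        if (keyEntries == 0) {
            System.out.println("Only certificates present: this store acts as a Trust Store.");
        } else {
            System.out.println("Key entries present: this is a KeyStore holding private material; "
                    + "keep it private and do not hand it out as a Trust Store.");
        }
    }
}
```

On Java 11 or later it can be run directly with "java StoreRole.java", optionally followed by a store path and its password.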

Thanks for reading..!!!
