What is difference between cacerts and keystore?

java certificate keystore
dimas picture dimas · Jul 30, 2013 · Viewed 131.9k times · Source

What's the difference between the two, cacerts and keystore?

If I use the definition found in these links, cacerts and keystore, it seems that they're a collection of certificates, but in context of a (Java) distributed system. Which one is used to authenticate during an SSL connection? Both or just one of them or alternate?

Answer

Marquis of Lorne picture Marquis of Lorne · Jul 30, 2013

'cacerts' is a truststore. A trust store is used to authenticate peers. A keystore is used to authenticate yourself.

Related questions

How to import a .cer certificate into a java keystore?

During the development of a Java webservice client I ran into a problem. Authentication for the webservice is using a client certificate, a username and a password. The client certificate I received from the company behind the webservice is in .…

Read More
How to properly import a selfsigned certificate into Java keystore that is available to all Java applications by default?

I do want to import a self signed certificate into Java so any Java application that will try to establish a SSL connection will trust this certificate. So far, I managed to import it in keytool -import -trustcacerts -noprompt -storepass …

Read More
How to add certificate chain to keystore?

I have file with chain of certificates - certificate.cer: subject=/C... issuer=/C=US/O=VeriSign, Inc... -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- subject=/C=US/O=VeriSign, Inc... issuer=/C=US/O=VeriSign, Inc... -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- subject=/C=…

Read More