cacerts - JDK or JRE

java certificate-store
achAmháin picture achAmháin · Oct 2, 2017 · Viewed 10.1k times · Source

I need to add a trusted certificate into cacerts on one of my servers.

I can see that it goes under $JAVA_HOME/jre/lib/security/ from other questions

But I also have a second cacerts file, two locations are:

C:\Program Files\Java\jdk1.8.0_92\jre\lib\security

C:\Program Files\Java\jre1.8.0_92\lib\security

Up to now, I've been adding any certificates into both, which is probably not correct. Is it definitely the first option, and if so, what's the use of the second one?

Answer

Kevin Boone picture Kevin Boone · Oct 2, 2017

The JDK and JRE are different pieces of software, although they are related. Typically the JDK bundle will include the JRE (Java run-time system) plus some other tools. You can use either to run your code, so long as you don't need JDK functionality at runtime (e.g., you're not compiling code on-the-fly). You should put your certificates into whichever (JDK or JRE) you are actually using to run your application.

Related questions

Accessing Windows Certificate Store certs via Java?

I'm looking to write something that can enumerate and use (to sign) certificates in CurrentUser/My and LocalMachine/My, but I haven't been able to find anything for the Windows cert store, only Java's own secret store. This link looks …

Read More
Access Local Machine Certificate Store in Java?

Is it possible to access certificates stored in the Local Machine store (rather than Current User) from a Java Servlet? I've tried using the MSCAPI provider opening the "Windows-MY" and "Windows-ROOT" stores, but neither contain certificates from the Local Machine …

Read More
How do I convert a String to an int in Java?

How can I convert a String to an int in Java? My String contains only numbers, and I want to return the number it represents. For example, given the string "1234" the result should be the number 1234.

Read More