The Artima Developer Community
Sponsored Link

Java Buzz Forum
trustStore vs keyStore in Java SSL

1 reply on 1 page. Most recent reply: Dec 22, 2016 2:02 AM by Akash Deep

Welcome Guest
  Sign In

Go back to the topic listing  Back to Topic List Click to reply to this topic  Reply to this Topic Click to search messages in this forum  Search Forum Click for a threaded view of the topic  Threaded View   
Previous Topic   Next Topic
Flat View: This topic has 1 reply on 1 page
Javin Paul

Posts: 1090
Nickname: javinpaul
Registered: Jan, 2012

Javin Paul is Java Programmer working on Finance domain.
trustStore vs keyStore in Java SSL Posted: Dec 12, 2012 5:13 AM
Reply to this message Reply

This post originated from an RSS feed registered with Java Buzz by Javin Paul.
Original Post: trustStore vs keyStore in Java SSL
Feed Title: Java67
Feed URL:
Feed Description: Java and technology tutorials, tips, questions for all programmers.
Latest Java Buzz Posts
Latest Java Buzz Posts by Javin Paul
Latest Posts From Java67

Main difference between trustStore vs keyStore is that trustStore (as name suggest) is used to store certificates from trusted Certificate authorities(CA) which is used to verify certificate presented by Server in SSL Connection while keyStore is used to store private key and own identity certificate which program should present to other party (Server or client) to verify its identity. That was one liner difference between trustStore vs  keyStore in Java but no dobut these two terms are quite confusion not just for any one who is first time doing SSL connection in Java but also many intermediate and senior level programmer. One reason of this could be SSL setup being one time job and not many programmers gets opportunity to do that. In this Java article we will explore both keystore and truststore and understand key differences between them. By the way you can use keytool command to view certificates from truststore and keystore. keytool command comes with Java installation and its available in bin directory of JAVA_HOME.
Read more »

Read: trustStore vs keyStore in Java SSL

Akash Deep

Posts: 1
Nickname: akkida746
Registered: Dec, 2016

Re: trustStore vs keyStore in Java SSL Posted: Dec 22, 2016 2:02 AM
Reply to this message Reply
Keystore is used by a server to store private keys, and truststore is used by third party client to store public keys provided by server to access. I have did that in my production application. Below are the steps for generating java certificates for SSL communication:

1. Generate a certificate using keygen command in windows:

keytool -genkey -keystore server.keystore -alias mycert-20161109 -keyalg RSA -keysize 2048 -validity 3950

2. Self certify the certificate:

keytool -selfcert -alias mycert-20161109 -keystore server.keystore -validity 3950

3. Export certificate to folder:

keytool -export -alias mycert-20161109 -keystore server.keystore -rfc -file mycert-20161109.cer

4. Import Certificate into client Truststore:

keytool -importcert -alias mycert-20161218 -file C:\certs\mycert-20161218.cer -keystore .truststore

Flat View: This topic has 1 reply on 1 page
Topic: Pivotal Cloud Foundry 1.9 out Previous Topic   Next Topic Topic: 2% increase in IT budgets predicted

Sponsored Links


Copyright © 1996-2018 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use