About Keystores and Truststores

A Keystore is a special file type that holds the keys and certificates. A Keystore is a repository for sensitive cryptographic key information for self-authentication. Key entries are private keys accompanied by the certificate chain for the corresponding public key.

A Truststore holds public key certificates belonging to the message sender. Certificates held in the Truststore are trusted certificates, that is, the Keystore owner trusts that the public key in the certificate belongs to the certificate owner.

At run time, one Keystore is created for each Java CAPS Environment. Several Truststores may exist to accommodate the different relationships between TPs. Java CAPS groups both Keystores and Truststores under the common name Keystore. However, both are regarded as separate entities.

Previous: Certificate Formats
Next: Creating and Managing Private Keys