Keystore vs Truststore Differences

Ravi Teja Gajarla
Oct 9, 2020

The following comparison presents a basic understanding of, and insights into, the differences between a keystore and a truststore.

KeyStore

· A keystore is used to store your own credentials

· A truststore is used to store others' credentials

— — — — — — — — — — — — — — — — — — — — — — — — — — — -

· A keystore holds private keys, certificates with public keys, and some secret keys that identify our own system

· A truststore is the opposite: it holds certificates that identify others

— — — — — — — — — — — — — — — — — — — — — — — — — — — -

· When we must use HTTPS, both the server and the client need keystores and truststores

· For the SSL handshake, the server looks up its private key in the keystore and presents the corresponding public key and certificate to the client.

· The client, which holds the server's certificate in its truststore, then validates it and makes the connection.

This is the one-way case.

— — — — — — — — — — — — — — — — — — — — — — — — — — — -

For two-way (the mutual authentication situation):

· The client also needs to authenticate itself, so it presents its public key and certificate to the server.

· The server's truststore contains the client's certificate, so the server validates it and makes the connection
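The one-way and two-way handshakes described above, as an added example in Go (not code from the original article). Assumptions: Go has no keystore or truststore files, so `tls.Config.Certificates` stands in for the keystore and `RootCAs`/`ClientCAs` for the truststore; the names `server.test` and `client.test` and both self-signed certificates are constructed in memory.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Identity builds a constructed self-signed identity: key + certificate, and a pool holding only the certificate.
func Identity(name string) (tls.Certificate, *x509.CertPool) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name}, DNSNames: []string{name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), IsCA: true, BasicConstraintsValid: true}
	der, _ := x509.CreateCertificate(rand.Reader, t, t, pub, key)
	cert, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool()
	pool.AddCert(cert)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, pool
}

// Handshake runs one TLS handshake over loopback and reports whether both peers accepted it.
func Handshake(server, client *tls.Config) bool {
	ln, err := tls.Listen("tcp", "127.0.0.1:0", server)
	if err != nil {
		return false
	}
	defer ln.Close()
	cliErr := make(chan error, 1)
	go func() {
		_, err := tls.Dial("tcp", ln.Addr().String(), client)
		cliErr <- err
	}()
	conn, err := ln.Accept()
	return err == nil && conn.(*tls.Conn).Handshake() == nil && <-cliErr == nil
}

// Certificates plays the keystore role; RootCAs (client) and ClientCAs (server) play the truststore role.
func main() {
	srvKey, srvCert := Identity("server.test")
	cliKey, cliCert := Identity("client.test")
	server := &tls.Config{Certificates: []tls.Certificate{srvKey}, ClientAuth: tls.RequireAndVerifyClientCert, ClientCAs: cliCert}
	client := &tls.Config{Certificates: []tls.Certificate{cliKey}, RootCAs: srvCert, ServerName: "server.test"}
	fmt.Println("two-way handshake accepted:", Handshake(server, client))
}
```

Replacing either pool with an empty `x509.NewCertPool()` makes `Handshake` return false, because that side's truststore no longer contains the peer's certificate.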
