Keystore vs. Truststore

Keystore is used to store private key and identity certificates that a specific program should present to both parties (server or client) for verification.

Truststore is used to store certificates from Certified Authorities (CA) that verify the certificate presented by the server in SSL connection.

svg viewer

Key differences

Keystore Truststore
Keystore stores your credential. (server or client) Truststore stores others credentials (CA)
Keystore is needed when you are setting up the server side on SSL Truststore setup is required for the successful connection at the client side
Client will store its private key and identify certificate on Keystore Server will authenticate the client against the certificate stored on the server’s Truststore
javax.net.ssl.keyStore is used to specify Keystore javax.net.ssl.trustStore is used to specify Truststore.
Keystore passwords are stored in plaintext that is only readable by the specific group. Truststore passwords are stored in plaintext that can be read by everyone.
Keystore contains private and sensitive information Truststore doesn’t contain private and sensitive information

Free Resources

Copyright ©2024 Educative, Inc. All rights reserved