3

I understand the default Java Truststore contains root certificates and other certs related to trust. However, what keys are stored in the default Java keystore? As far as I've understood, keystores are used for

which authentication credentials should be sent to the remote host for authentication during SSL handshake. if you are an SSL Server you will use private key during key exchange algorithm and send certificates corresponding to your public keys to client, this certificate is acquired from keyStore.

according to http://javarevisited.blogspot.com/2012/09/difference-between-truststore-vs-keyStore-Java-SSL.html. I find it hard to come up with use cases for a general keystore bundled with the Java environment.

Ztyx
  • 14,100
  • 15
  • 78
  • 114

1 Answers1

2

I understand the default Java Truststore contains root certificates and other certs related to trust.

Correct.

However, what keys are stored in the default Java keystore?

There isn't a default Java keystore.

I find it hard to come up with use cases for a general keystore bundled with the Java environment.

There isn't such a case, and there isn't such a keystore either.

There's nothing in your non-normative link that says anything different.

user207421
  • 305,947
  • 44
  • 307
  • 483
  • That explains things! Thanks! – Ztyx Jun 04 '15 at 10:10
  • I thought there was a default one based on the coding example here: http://stackoverflow.com/a/16229909/260805 – Ztyx Jun 04 '15 at 10:13
  • 1
    In a PKI setup, the keystore contains the _private key_, which should be kept hidden from outsiders -- so it wouldn't make sense to distribute a default keystore to everyone. You normally generate the key when setting up TLS in your server. – Mick Mnemonic Jun 04 '15 at 10:28
  • 1
    @Ztyx There's nothing in your link about a default KeyStore. It says there is a default KeyManager. That isn't the same thing. – user207421 Jun 04 '15 at 10:50