What is difference between cacerts and keystore?

2019-01-16 06:15发布

问题:

What's the difference between the two, cacerts and keystore?

If I use the definition found in these links, cacerts and keystore, it seems that they're a collection of certificates, but in context of a (Java) distributed system. Which one is used to authenticate during an SSL connection? Both or just one of them or alternate?

回答1:

'cacerts' is a truststore. A trust store is used to authenticate peers. A keystore is used to authenticate yourself.



回答2:

cacerts is where Java stores public certificates of root CAs. Java uses cacerts to authenticate the servers.

Keystore is where Java stores the private keys of the clients so that it can share it to the server when the server requests client authentication.



回答3:

Check your JAVA_HOME path. As systems looks for a java.policy file which is located in JAVA_HOME/jre/lib/security. Your JAVA_HOME should always be ../JAVA/JDK.