Are JKS (Java Key Store) files encrypted? Do they provide full protection for encryption keys, or do I need to rely solely on access control?
Is there a way to ensure that the keys are protected?
I'm interested in the gritty details, including algorithm, key management, etc. Is any of this configurable?
They are encrypted.
The algorithm is provider dependent. The provider will return the key/certificate based on a password. If you need strong security, find a keystore provider that uses a strong encryption.
To be more precise: