...
There are two main keystores in Java, KeyStores and TrustStores. Although the format of these files are the same and theoritically can be used interchangeably, the purpose of each differsone is different.
- A KeyStore is used to hold information that identify the user eg. this is the place where we hold an SSL certificate that protects a web server.
- A TrustStore holds information that helps the user identify a 3rd party eg. this is the place where a browser would hold root certificates that certify the validity of signed certificates presented by a web server.
The Certificate Tool can be used to perform the following functions for a KeyStore:
...
When securing a web server eg. Tomcat we need to configure it to use a Key-Certificate Pair from a KeyStore. This Key-Certificate Pair can be either self-signed or signed by a trusted Certificate Authority. There are many commercial services that can be used to sign that key. If the pair is self-signed then some programs (eq browsers) will provide a warning about the validity of the Certificate while some others will refuse to accept the connection without further configuration.
Downloading the
...
Tools
Create a new KeyStore containing a new self-signed Key-Certificate Pair
...