Open In App
Related Articles

Difference Between trustStore and keyStore in Java

Like Article
Save Article
Report issue

TrustStore is used to store certificates from Certified Authorities (CA) that verify the certificate presented by the server in an SSL connection. While Keystore is used to store private key and identity certificates that a specific program should present to both parties (server or client) for verification. This concludes that they are opposite of each other. In a layman’s language, we can directly conclude up that in a certification trustStore holds identification certificates that identify others while keyStore holds the identification certificates that hold us. 

Here in java as in programming language, this concept is used whenever we are trying to communicate with third-party applications. The connection between the client and the server are diagrammatically represented for the keyStore and trustStore, which is as follows:

The difference between TrustStore and KeyStore is shown below in the tabular content:



TrustStore doesn’t contain private and sensitive information.

Keystore contains private and sensitive information. is used to specify TrustStore. is used to specify Keystore.

TrustStore setup is required for the successful connection at the client side.

Keystore is needed when you are setting up the server-side on SSL.

TrustStore stores other’s credentials.

Keystore stores your credential.

A TrustStore holds the certificates of external systems that you trust.

A KeyStore holds your application’s certificates.

TrustStore password is given by following extension

KeyStore password is given by following extension

TrustStore and TrustStore passwords are stored in clear files and is visible to all.

Keystore and key passwords are stored in plain text, in a file that is readable only by members of the appropriate group.

Last Updated : 26 May, 2021
Like Article
Save Article
Share your thoughts in the comments
Similar Reads