cacerts - JDK or JRE

Question

I need to add a trusted certificate into cacerts on one of my servers.

I can see that it goes under $JAVA_HOME/jre/lib/security/ from other questions

But I also have a second cacerts file, two locations are:

C:\Program Files\Java\jdk1.8.0_92\jre\lib\security

C:\Program Files\Java\jre1.8.0_92\lib\security

Up to now, I've been adding any certificates into both, which is probably not correct. Is it definitely the first option, and if so, what's the use of the second one?

Answer 1

The JDK and JRE are different pieces of software, although they are related. Typically the JDK bundle will include the JRE (Java run-time system) plus some other tools. You can use either to run your code, so long as you don't need JDK functionality at runtime (e.g., you're not compiling code on-the-fly). You should put your certificates into whichever (JDK or JRE) you are actually using to run your application.