Menu
The cacerts file represents a system-wide keystore with CA certificates. System administrators can configure and manage that file using keytool, specifying jks as the keystore type. The cacerts keystore file ships with several root CA certificates. The initial password of the cacerts keystore file is changeit .
The cacerts file is a collection of trusted certificate authority (CA) certificates. Oracle includes a cacerts file with its SSL support in the Java™ Secure Socket Extension (JSSE) tool kit and JDK. It contains certificate references for well-known Certificate authorities, such as VeriSign™.
On any normal Oracle Java installation (before Java 9, this is an old answer), cacerts should be a proprietary, binary, JKS key store type.
A keystore contains personal certificates, plus the corresponding private keys that are used to identify the owner of the certificate. For TLS, a personal certificate represents the identity of a TLS endpoint.
'cacerts' is a truststore. A trust store is used to authenticate peers. A keystore is used to authenticate yourself.
cacerts is where Java stores public certificates of root CAs. Java uses cacerts to authenticate the servers.
Keystore is where Java stores the private keys of the clients so that it can share it to the server when the server requests client authentication.
Cacerts are details of trusted signing authorities who can issue certs. This what most of the browsers have due to which certs determined to be authentic.
Keystore has your service related certs to authenticate clients.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With