
SSL

KeyStore - Used to store the application's own keys.

  1. These are keys returned when the client starts the HTTPS session to the application.
  2. The same keys are used when the application makes an HTTPS call and the server asks for the client certificates.

Truststore - Used to store all known and trusted certificate authorities.

Default trust store

The default trust store comes with the JRE.

To use a private or self-signed certificate authority, you must use a custom truststore.

Trustmanager

This component runs whenever an SSL request comes in. The Java SDK has a default trustmanager. Add a custom trustmanager to run extra checks during the SSL handshake.
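
The custom truststore and custom trustmanager described above can be combined as in the following added example, which is not code from the original page. It loads a private truststore, keeps the standard chain validation, and then adds one extra check on the server's leaf certificate. The class name `PinnedTrust`, the method `build`, and its parameters are hypothetical; it assumes a PKCS12 truststore file and Java 17 or later (for `HexFormat`).

```java
import javax.net.ssl.*;
import java.io.InputStream;
import java.nio.file.*;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HexFormat;

public class PinnedTrust {  // hypothetical name, for illustration only
    // Returns an SSLContext that trusts only the CAs in the given truststore and
    // also requires the server's leaf certificate to match a pinned SHA-256 digest.
    static SSLContext build(Path trustStore, char[] password, String pinnedSha256Hex) throws Exception {
        KeyStore ts = KeyStore.getInstance("PKCS12");  // assumption: PKCS12 file
        try (InputStream in = Files.newInputStream(trustStore)) {
            ts.load(in, password);
        }
        // Ask the JDK for its standard trustmanager, backed by the custom truststore.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ts);
        X509TrustManager found = null;
        for (TrustManager tm : tmf.getTrustManagers())
            if (tm instanceof X509TrustManager) { found = (X509TrustManager) tm; break; }
        if (found == null) throw new IllegalStateException("no X509TrustManager available");
        final X509TrustManager standard = found;

        X509TrustManager checked = new X509TrustManager() {
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                standard.checkServerTrusted(chain, authType);  // normal validation always runs first
                try {  // extra check: leaf certificate must match the pin
                    byte[] digest = MessageDigest.getInstance("SHA-256").digest(chain[0].getEncoded());
                    if (!HexFormat.of().formatHex(digest).equalsIgnoreCase(pinnedSha256Hex))
                        throw new CertificateException("leaf certificate does not match pin");
                } catch (NoSuchAlgorithmException e) {
                    throw new CertificateException(e);
                }
            }
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                standard.checkClientTrusted(chain, authType);
            }
            public X509Certificate[] getAcceptedIssuers() { return standard.getAcceptedIssuers(); }
        };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { checked }, null);  // no client keys, default randomness
        return ctx;
    }
}
```

The extra check only ever narrows what the standard trustmanager accepts; a custom trustmanager that skips the delegated call accepts any certificate.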

Certificate vs Keys

SSL has two parts - Certificate and Keys. The certificate validates the server. The public key in it encrypts the data.

The server has the private key from when the SSL certificate was issued. It uses that to decrypt the data.

File formats

Formats like .pem, .key, .crt, .csr, and .p12 hold different data. Some hold only certificates. Some hold private or public keys, or all three.
