Java trustStore和keyStore的区别用法及代码示例

TrustStore 用于存储来自认证机构 (CA) 的证书，该机构验证 SSL 连接中服务器提供的证书。而Keystore用于存储私钥和身份证书，特定程序应将其呈现给双方(服务器或客户端)进行验证。由此得出的结论是，它们是相反的。通俗地说，我们可以直接得出这样的结论：在认证中，trustStore 保存的是识别他人的身份证书，而 keyStore 保存的是识别我们的身份证书。

在 Java 中和在编程语言中一样，每当我们尝试与第三方应用程序通信时都会使用这个概念。客户端和服务器之间的连接用keyStore和trustStore来图示，如下：

TrustStore和KeyStore之间的区别如下表内容所示：

TrustStore	KeyStore
TrustStore不包含私人和敏感信息。	Keystore contains private and sensitive information.
javax.net.ssl.trustStore is used to specify TrustStore.	javax.net.ssl.keyStore is used to specify Keystore.
TrustStore setup is required for the successful connection at the client side.	在 SSL 上设置服务器端时需要 key 库。
TrustStore 存储其他人的凭据。	Keystore stores your credential.
A TrustStore holds the certificates of external systems that you trust.	KeyStore 保存您的应用程序的证书。
TrustStore password is given by following extension Djavax.net.ssl.trustStorePassword.	KeyStore password is given by following extension Djavax.net.ssl.keyStorePassword
TrustStore and TrustStore passwords are stored in clear files and is visible to all.	Keystore and key passwords are stored in plain text, in a file that is readable only by members of the appropriate group.

相关用法

注：本文由纯净天空筛选整理自pranaythanneru大神的英文原创作品 Difference Between trustStore and keyStore in Java。非经特殊声明，原始代码版权归原作者所有，本译文未经允许或授权，请勿转载或复制。