Why public certificates are stored in a keystore?

StackOverflow https://stackoverflow.com/questions/22939710

Domanda

If certificates are public anyways, why are they stored in a password-protected keystore?

Is this a must, or a means to relate the public key to the private key?

È stato utile?

Soluzione

There a few reasons for that:

First, in terms of implementation it is indeed a means to relate a private key to a public key. If a private key if compromised, the whole certificate is compromised.

Second, the knowledge of "who we trust" is valuable.

Third, a random user shouldn't be able to add new certificates to the trust store.

Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top