Why public certificates are stored in a keystore?

Question

If certificates are public anyways, why are they stored in a password-protected keystore?

Is this a must, or a means to relate the public key to the private key?

Answer 1

There a few reasons for that:

First, in terms of implementation it is indeed a means to relate a private key to a public key. If a private key if compromised, the whole certificate is compromised.

Second, the knowledge of "who we trust" is valuable.

Third, a random user shouldn't be able to add new certificates to the trust store.