Hello guys, this is one of the common errors in a client-server application. The big problem in solving this error is not the error but the knowledge of how client-server SSL handshake works. I have blogged about that before and if you have read that you know that in order to connect to any website or server (like LDAP Server) using SSL, you need to have certificates (public keys) to validate the certificates sends by the website you are connecting. If you don't have the root certificate or public key, which is required to validate the certificate presented by the server in your JRE truststore then Java will throw this error.
How to add or view SSL certificate in Java keyStore or trustStore? keytool command examples
The keytool command in Java is a tool for managing certificates into keyStore and trustStore which is used to store certificates and requires during the SSL handshake process. By using the keytool command you can do many things but some of the most common operations are viewing certificates stored in the keystore, importing new certificates into the keyStore, delete any certificate from the keystore, etc. For those who are not familiar keyStore, trustStore, and SSL Setup for Java application Here is a brief overview of What is a trustStore and keyStore in Java.
Difference between trustStore vs keyStore in Java SSL
If you are confused between truststore and keystore and looking to find what exactly they mean then you have come to the right place. Earlier, I have shared free Java courses and today, I am going to tell you the difference between trustStore and keyStore in Java. Both trustStore and keyStore are important but confusing concepts and constantly tormented Java developers when they connect to servers using SSL. The main difference between trustStore vs keyStore is that trustStore (as the name suggest) is used to store certificates from trusted Certificate authorities(CA) which are used to verify certificate presented by Server in SSL Connection while keyStore is used to store the private key and own identity certificate which program should present to other parties (Server or client) to verify its identity.
Subscribe to:
Posts (Atom)