Today's Question:  What are you most afraid of as a programmer?        GIVE A SHOUT

  WRITE ARTICLE

 ALL


  Difference between keystore and truststore

Security has become a vital concern in most of the online transactions nowadays. Lots of the world's most popular websites have adopted security protocols to transfer data, especially sensitive data. These security protocols including SSL/TLS which are using the private/public key exchange mechanism to establish secure connections.  The private/public key cryptography is a really important invention and it allows data to be transferred securely and solves the big problem of transferrin...

682 0 0          SECURITY SSL KEYSTORE TRUSTSTORE


  Different types of keystore in Java -- BKS

BKS is a keystore format provided by the popular third party Java cryptographic library provider -- BouncyCastle. It is a keystore similar to the JKS provided by Oracle JDK.  Before starting to use BKS, the BouncyCastle provider has to be downloaded and installed. To download the provider, please go to BouncyCastle download page. The provider can be installed by adding an entry in the java.security file. security.provider.N=org.bouncycastle.jce.provider.BouncyCastleProvider N means the pr...

3,636 0 0          JAVA KEYSTORE BOUNCYCASTLE BKS


  Different types of keystore in Java -- Windows-MY

Windows-MY is a type of keystore on Windows which is managed by the Windows operating system. It stores the user keys and certificates which can be used to perform cryptographic operations such as signature verification, data encryption etc. Since it's a kind of native keystore, Java doesn't have a general API to access it. To help Java applications access the keys and certificates stored in Windows-MY keystore, Java provides a separate API -- SunMSCAPI. The SunMSCAPI provider is ...

5,048 5 0          JAVA KEYSTORE WINDOWS-MY SUNMSCAPI


  Different types of keystore in Java -- DKS

Domain KeyStore(DKS) is a keystore of keystore. It abstracts a collection of keystores that are presented as a single logical keystore. Itself is actually not a keystore. This new keystore type is introduced in Java 8. There is a new class DomainLoadStoreParameter which closely relates to DKS. To load different keystores into the single logical keystore, some configuration is needed. Here is the format of the configuration for grouping different keystores. domain [ ...] { keystore [ ....

4,607 0 0          JAVA TUTORIAL KEYSTORE DKS


  Different types of keystore in Java -- PKCS11

PKCS11 keystore is designed for hardware storage modules(HSM). It's an interface to talk to the HSMs. It doesn't actually store any keys but provide a set of classes to communicate with the underlying HSM. The actual keys and certificates are stored on the HSMs. The reason for storing the keys and materials is to ensure security and efficiency. Since the keys are on the HSMs, they are safe to be stolen. All encryption/decryption operations are performed on the HSMs as well, this increase the...

8,620 2 0          JAVA KEYSTORE PKCS11 HSM


  Different types of keystore in Java -- JCEKS

JCEKS stands for Java Cryptography Extension KeyStore and it is an alternative keystore format for the Java platform. Storing keys in a KeyStore can be a measure to prevent your encryption keys from being exposed. Java KeyStores securely contain individual certificates and keys that can be referenced by an alias for use in a Java program. The process of storing and loading different entries in JCEKS is similar to what JKS does. So please refer to the article Different types of keystore in Java -...

16,264 0 1          JAVA TUTORIAL KEYSTORE JCEKS


  Different types of keystore in Java -- JKS

JKS is Java Keystore, a proprietary keystore type designed for Java. It can be used to store private keys and certificates used for SSL communication, it cannot store secret keys however. The keytool shipped with JDKs cannot extract private keys stored on JKS. This type of keystore usually has an extension of jks. Next we will show how to operate the JKS keystore with pure Java code. Create JKS keystore The simplest method to create a JKS keystore to create an empty keystore. We can first get an...

14,464 2 0          DEMO EXAMPLE KEYSTORE JKS


  Generate certificate in Java -- Store certificate in KeyStore

In previous post, we have explained how to create a certificate chain in Java. After generating the chain, we need to store it somewhere so that it can be used later when we are doing the actual SSL communication, either in a key store or trust store. This post will show you how to store the private key and its associated certificate chain in a keystore file. There are different types of keystore in Java, in this post, we will choose the JKS to demonstrate how to store the certificate chain. Whe...

9,908 0 2          JAVA CERTIFICATE CHAIN KEYSTORE