Configuring Java CAPS for SSL Support
KeyStores and TrustStores
The JSSE makes use of files called KeyStores and TrustStores. The KeyStore is used by the adapter for client authentication, while the TrustStore is used to authenticate a server in SSL authentication.
- A KeyStore consists of a database containing a private key and an associated certificate, or an associated certificate chain. The certificate chain consists of the client certificate and one or more certification authority (CA) certificates.
- A TrustStore contains only the certificates trusted by the client (a “trust” store). These certificates are CA root certificates, that is, self-signed certificates. The installation of the Logical Host includes a TrustStore file named cacerts.jks in the location:
<c:\JavaCAPS>\appserver\domains\<MyDomain>\config
where <c:\JavaCAPS> is the directory where Java CAPS is installed and <MyDomain> is the name of your domain. This file is recommended as the TrustStore for the Sun Adapters.
Both KeyStores and TrustStores are managed by means of a utility called keytool, which is a part of the Java SDK installation.
- 2010, Oracle Corporation and/or its affiliates
时间: 2024-09-20 05:41:38