The Java 9 platform provides increased security for keystores. To appreciate the changes ushered in by Java Enhancement Proposal 229, Create PKCS12 Keystores by Default, we will first review the concept of keystores, look at the KeyStore class, and then look at the changes.
The concept of a KeyStore is relatively simple. It is essentially a database file, or data repository file, that stores public key certificates and private keys. The KeyStore will be stored in the /jre/lib/security/cacerts folder. As you will see in the next section, this database is managed by the methods of Java's java.security.KeyStore class.
KeyStore features include:
- Contains one of the following entry types:
  - Private keys
  - Public key certificates
- Unique alias string names for every entry
- Password protection for each key
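The features listed above can be seen in a short program, added here as an example and not taken from the original text. It creates a PKCS12 keystore in memory, stores one entry under an alias with its own password, reloads it, and confirms that a wrong entry password is rejected. The class name KeyStoreDemo, the alias demo-key and both passwords are constructed for illustration, and the entry is an AES secret key (a third entry type that PKCS12 supports) because the JDK has no public API for generating a certificate.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyStore;
import java.security.UnrecoverableEntryException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class KeyStoreDemo {
    public static void main(String[] args) throws Exception {
        // Constructed sample passwords; real ones must not be hard-coded.
        char[] storePass = "store-pass-example".toCharArray();
        char[] entryPass = "entry-pass-example".toCharArray();

        // "pkcs12" on Java 9 and later (JEP 229), "jks" on earlier releases.
        System.out.println("Default keystore type: " + KeyStore.getDefaultType());

        // Request PKCS12 explicitly so the demo behaves the same on any JDK.
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null); // initialise an empty keystore

        // Generate a key and store it under a unique alias,
        // protected by a password of its own.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();
        ks.setEntry("demo-key", new KeyStore.SecretKeyEntry(key),
                new KeyStore.PasswordProtection(entryPass));

        // Serialise the keystore; the store password protects its integrity.
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, storePass);

        // Reload from the serialised bytes and look the entry up by alias.
        KeyStore reloaded = KeyStore.getInstance("PKCS12");
        reloaded.load(new ByteArrayInputStream(out.toByteArray()), storePass);
        System.out.println("Has alias demo-key: " + reloaded.containsAlias("demo-key"));
        System.out.println("Is key entry: " + reloaded.isKeyEntry("demo-key"));

        // The entry password is checked separately from the store password.
        try {
            reloaded.getEntry("demo-key",
                    new KeyStore.PasswordProtection("wrong-pass".toCharArray()));
            System.out.println("Unexpected: entry opened with wrong password");
        } catch (UnrecoverableEntryException e) {
            System.out.println("Wrong entry password rejected");
        }
    }
}
```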