Wednesday, January 23, 2019

Trust Store, Key Store, One Way SSL and Two Way SSL

For simplicity, the two definitions below are given from the perspective of a Server Side SSL implementation.

TrustStore:
Client stores the certificates it TRUSTS. These are used to verify the Certificate presented by the Server.
KeyStore:
Server stores its Private Key and its own Identity Certificate, which it presents to other parties (Server or Client) so that they can verify its identity.

Server Side SSL:
In this case the Server (for instance Tomcat / WebSphere) will hold the KeyStore (Private Key + Identity Certificate).
The Server will present this Certificate to the requesting Client.
The Client will look up the presented Certificate in the list of Certificates available in its TrustStore.

Client Side SSL:
In this case the Client (for instance a JDBC client) will hold the KeyStore (Private Key + Identity Certificate).
The Client will present this Certificate to the Server.
The Server will look up the presented Certificate in the list of Certificates available in its TrustStore.

KeyStore - To store your own credentials (you may be the Server OR the Client)
TrustStore - To store others' credentials (Certificates from a CA - Certificate Authority)

In Two Way SSL:
Client and Server will each have their own TrustStore and KeyStore.
