Keystore vs. Truststore

Keystore is used to store private key and identity certificates that a specific program should present to both parties (server or client) for verification.

Truststore is used to store certificates from Certified Authorities (CA) that verify the certificate presented by the server in SSL connection.

svg viewer

Key differences

Keystore Truststore
Keystore stores your credential. (server or client) Truststore stores others credentials (CA)
Keystore is needed when you are setting up the server side on SSL Truststore setup is required for the successful connection at the client side
Client will store its private key and identify certificate on Keystore Server will authenticate the client against the certificate stored on the server’s Truststore
javax.net.ssl.keyStore is used to specify Keystore javax.net.ssl.trustStore is used to specify Truststore.
Keystore passwords are stored in plaintext that is only readable by the specific group. Truststore passwords are stored in plaintext that can be read by everyone.
Keystore contains private and sensitive information Truststore doesn’t contain private and sensitive information
New on Educative
Learn to Code
Learn any Language as a beginner
Develop a human edge in an AI powered world and learn to code with AI from our beginner friendly catalog
🏆 Leaderboard
Daily Coding Challenge
Solve a new coding challenge every day and climb the leaderboard

Free Resources

Copyright ©2025 Educative, Inc. All rights reserved