I am developing a secure chat program in Java using JSSE.
For 2 people to communicate you specify the keystore to use eg Bob will start the program with bob.keystore and alice will start program with alice.keystore
The way I have it setup and working is as follows
On Bob's side he has a keystore that has his keypair and has Alice's certificate imported as a trusted cert.
On Alices's side she has a keystore with her keypair and Bob's certificate imported as a trusted cert.
Is this the correct setup/procedure?
On Bob's side he has a keystore that has his keypair and has Alice's certificate imported as a trusted cert.
Bob should have:
On Alices's side she has a keystore with her keypair and Bob's certificate imported as a trusted cert.
Alice should have:
Is this the correct setup/procedure?
No. A keystore is a precious, private thing containing privacy-critical data. A truststore just contains other people's certificates so there is nothing precious about it. You should not use the same physical file for both purposes. That's why they are separated in JSSE.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.