Can we load multiple Certificates & Keys in a Key Store?

by

Although this depends on the KeyStore type, generally, you can store multiple private keys and certificates in a single store.

Which key and certificate combination is used for a Java-based server will depend on how the application was implemented. A number of applications let you select a given certificate using the alias name. The key and certificate getters in KeyStore take an alias parameter to make this choice. Usually, when this is not specified in the configuration, the application or framework will use the first suitable one it finds based on the KeyStore.aliases() enumeration.

Tomcat, for example, uses the keyAlias attribute in its Connector configuration:

keyAlias: The alias used to for the server
certificate in the keystore. If not
specified the first key read in the
keystore will be used.

Regarding key pairs, some KeyStores (again, depending on the type) can be used to store SecretKeys (e.g. DES), that is shared keys, as well as public-private key pairs.

More Related Contents:

  1. Trusting all certificates using HttpClient over HTTPS
  2. How can I use different certificates on specific connections?
  3. How to import a .cer certificate into a java keystore?
  4. why doesn’t java send the client certificate during SSL handshake?
  5. How to properly import a selfsigned certificate into Java keystore that is available to all Java applications by default?
  6. How to fix the “java.security.cert.CertificateException: No subject alternative names present” error?
  7. Import PEM into Java Key Store
  8. Using a custom truststore in java as well as the default one
  9. How to programmatically set the SSLContext of a JAX-WS client?
  10. Does Java support Let’s Encrypt certificates?
  11. java – path to trustStore – set property doesn’t work?
  12. How can I get a list of trusted root certificates in Java?
  13. How to ignore PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException?
  14. How to convert certificate from PEM to JKS?
  15. PKIX path building failed in Java application
  16. How do I do TLS with BouncyCastle?
  17. Wrong version of keystore on android call
  18. What is Keystore?
  19. Using SSLContext with just a CA certificate and no keystore
  20. How to build a SSLSocketFactory from PEM certificate and key without converting to keystore?
  21. Java: Loading SSL Keystore via a resource
  22. Setting multiple truststore on the same JVM
  23. How do I list / export private keys from a keystore?
  24. Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?
  25. Getting RSA private key from PEM BASE64 Encoded private key file
  26. Java SSLHandshakeException “no cipher suites in common”
  27. Importing the private-key/public-certificate pair in the Java KeyStore [duplicate]
  28. SSLHandshakeException while connecting to a https site
  29. Java SSLException: hostname in certificate didn’t match
  30. SNI client-side mystery using Java8

Leave a Comment