A truststore is a store that is (used normally on the client side) when making decisions about what to trust.
If you receive data from an entity that you already trust, and if you can verify that the entity is the one that it claims to be, then you can assume that the data really came from that entity.
An entry should only be added to a truststore if the user trusts that entity.
Content / Structure
A truststore contains:
- CA certificates to trust (or from Certificate Authorities that you trust to identify other parties)
- or certificates from other parties that you expect to communicate with
Every browser has a truststore of the root and intermediate certificate.
Example: Chrome > Settings > Manage Certificate
By either generating a key pair or by importing a certificate, the user gives trust to that entry. Any entry in the truststore is considered a trusted entry.
A TrustManager is a program (function) that determines whether remote connection should be trusted or not i.e. whether remote party is who it claims to.