Cryptography - Truststore


A truststore is a store that is (used normally on the client side) when making decisions about what to trust.

If you receive data from an entity that you already trust, and if you can verify that the entity is the one that it claims to be, then you can assume that the data really came from that entity.

An entry should only be added to a truststore if the user trusts that entity.

Content / Structure

A truststore contains:



Every browser has a truststore of the root and intermediate certificate.

Example: Chrome > Settings > Manage Certificate

More Browser - Certificate



Generating trust

By either generating a key pair or by importing a certificate, the user gives trust to that entry. Any entry in the truststore is considered a trusted entry.


A TrustManager is a program (function) that determines whether remote connection should be trusted or not i.e. whether remote party is who it claims to.

Powered by ComboStrap