Is it suffcient to put CA certificate in key store?

Hi,

I want to establish an SSL connection with server-side authentication only. Is it sufficient to put the certificate of the CA into the client-side keystore when using JSSE?

I know, that the server will send its certificate to the client during the SSL handshake. The client will have to verifiy this certificate. To be able to verify it, the client will need the CAs certificate. That's why I wonder if it is sufficient to store the CA certificate only in the client's keystore initially.

Will the server's certificate be stored automatically in the client's keystore after the first communication, and thus make any subsequent verifications unneccessary?

Thanks!

[702 byte] By [frotschia] at [2007-10-1 7:31:33]

«« Java Network Game
»» Dynamically calling a static method with args

# 1

The servers CA certificate must be in the clients truststore. After the first communication the servers certificate would NOT be automatically stored in the truststore

anandrajasekara at 2007-7-9 18:52:51 >

top of Java-index,Security,Java Secure Socket Extension (JSSE)...

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

Is it suffcient to put CA certificate in key store?

Security New Topic

Security Hot Topic

Security

All Classified