I store my cert and private key in PKCS12 files; I then add these PKCS12 files to Java Key Store.
If I need to perform some security functions I extract the PKCS12 from the Java Key Store by alias and perform all sorts of openssl commands. And so why do I want to use a Java Key Store other than for a bag for my PKCS12s (as repository of security certificates) ? The alias is nice to access which ones I need and have to replace also its one file (JKS file) that can be backed up; thats all I see. Is there a standard well excepted measure to manage your sec certs, in other words is is wrong to just have PKCS12 files? I imagine the process which is performing all sorts of signing of documents would simply load the security certs in memory for quick usage be it from the Keystore or just the raw PKCS12s and periodically check for updates. Any comments on this. -- View this message in context: http://openssl.6102.n7.nabble.com/Java-Key-Store-JKS-verses-just-PKCS12-files-tp43476.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
