Want to store secret key by java keystore .
As JDK maintain keystore in jre\lib\security\cacerts & have doubt on below point
Could anybody clear doubt over here 1) where exactly the .keystore file stored , is it in project itself as like of config file or in jdk folder i.e security folder 2) Do we need to provide the certificate for our custom created key ? if yes then how can we give with java code.
Thanks in advance
You're confusing two types of stores. cacerts is a truststore; you need a keystore. In short, roughly, the truststore is who you trust and the keystore is who you are.
Using an X.509 certificate is the correct way to manage a private key (such as with SSL). You can specify certificates through properties passed to Java when starting your application (be it a standalone application or a container like Tomcat) or programmatically. This SO answer provides a concise overview of the properties required to configure your keystore and truststore. You probably won't have to do anything with the truststore.