java spring-boot ssl

Redis TLS with spring boot


Is it necessary to add the .p12 certificate to my Java truststore when establishing a TLS connection using a Spring Boot application with a Redis server that also has TLS enabled?

Adding a certificate manually in production can create a dependency, so I want to avoid adding the .p12 certificate to the truststore.

When I don't add the truststore.p12 file, which contains ca.pem, my Spring Boot application gives me an error stating that "trustAnchors must not be empty."

I want to know whether the above scenario is possible in my case, and whether avoiding adding the truststore is best practice.


Solution

  • This is the default behavior when you make use of a self-signed certificate on the server machine.

    "I want to avoid adding the .p12 certificate to the truststore." This is the exact same reason why server certificates are added to the truststore as a client.

    Think about it: ideally, requests to the server should come only from legitimate clients (in your case the Spring app is the client to the Redis server). Adding the certificate to the truststore will make sure that only trusted clients are authorized to make the request.

    So, to answer your question: adding certs to the truststore is a common, well-known practice in the web world.

    Hope this helps. Thanks.