Trust Store

This topic describes the concept of a trust store.

Each service group has a trust store. A trust store is a container in LDAP in which the certificates of 'trusted' service groups can be stored. The trust store can be used to define trust relations between service groups. For more information about trust relations, refer to Trust Relation. The certificates in the trust store contain public keys and information describing the identity of the owner.

A service group can use the public key to verify that signed content has not been changed in transit (message integrity) and that the content really comes from the sender. For more information about signing, refer to Signing.

The service group can also use the public key to decrypt data that was encrypted by the owner of the key (probably another service group). For more information about encryption, refer to Encryption.

The trust stores of service groups can be managed with the Security Administration task.

Related concepts

Encryption
Certificate
Key Store
Trust Relation
Identity
Private-public Key Pair
Signing

Related tasks

Creating a Trust Relation
Adding a Certificate to a Group
Setting a Group as a Default Trust Relation
Adding a New Certificate
Loading a Certificate
Validating a Certificate

Related reference

Types of Certificates

Related information

Managing Service Group Trust Relation
Managing Certificates