NOTE: Only the appropriate
Workbench, platform or station tools may be used to modify these data files. Attempts to modify them by other means renders them corrupt
and unusable.
keystore.jceks is the User Key Store. In
Workbench it contains a company’s root CA, intermediate, and code-signing certificates. In a server, it contains the server certificate.cacerts.jceks is the User Trust Store. In a client it contains the root CA and intermediate certificates with only their public keys.exemptions.tes is the Allowed Hosts list. In a client it contains the certificate for hosts (servers) with whom the client may securely communicate even though
the client either:
- does not have a root CA certificate in its System or User Trust Store for the server, or
- may have a matching root CA certificate, but the Common Name or Alternate Server Name of the server certificate is not the same as the host name of the server being authenticated.
.bks is the FIP compliance file for access control.
NOTE: A certificate in the
Workbench User Key Store may have the same name as a certificate in a platform/station User Key Store, but they may not be the same certificate. Similarly, files in these stores may have differing alias names, and, in fact,
contain the same public keys. It is the public/private key pair that defines a certificate, not the certificate’s name.