What is .dat certificate? How is it different from the other certificate format like JKS?


What is a .dat certificate? Is there any difference between a JKS certificate and a .dat certificate? How can I use the .dat certificate to trust the server side? Is it the same to other certificates?


Answers:


.dat is just a file extension that tells you nothing useful about the format of the file itself.

There are two types of certificate files in common use: PEM and DER. PEM encodes its data in the form of Base-64 encoded text wrapped in human-readable headers. DER encodes its data in raw binary form. Both formats are capable of encoding the same types of data, but while PEM files can store multiple objects (certificate and key, for instance, or an entire certificate trust chain), DER files are limited to one object per file. Additionally, some applications are designed specifically for one or the other.

Open up your file in a text editor. Is it vaguely human-readable? Then it's a PEM file. Is it garbage? Then it's probably DER.

JKS per se isn't a certificate format; it's a storage format for certificates and keys. One .jks file can potentially store many certificates and keys. Java will expect that you import your certificate into a keystore first; then you can load it into a TrustStore or KeyStore depending on what you need.