Can we load multiple Certificates & Keys in a Key Store?

Question

Can we load multiple Certificates & Keys in a Key Store?

Is it always required to load only Pairs (i.e. Certificates & Keys together)?

If a Key Stor

Answer 1

You can have a keystore with as many certificates and keys as you like.

If there are multiple certificates in a keystore a client uses as its truststore, all certificates are being looked at until one is found that fits. You can look at the preinstalled certificates, they are in /lib/security/cacerts. It's just a big collection of root CAs' certificates.

Regarding the keys I don't know. I'd reckon the client uses a key that is signed by the same CA as the certificate that is provided by the server and if there are multiple, the first is used. But I can't say that for sure.