Which trusted root certificates are included in Java?

33

Which trusted root certificates are included in Java, specifically Sun Java and IBM Java? How can I get the list myself? Does Java on Windows use the operating system's certificates?

Peter Štibraný
source

Answers:

31

Go to the "Java Control Panel", to the "Secure" tab, and click "Certificates". Go to the "System" tab and select "Secure CA" or "Secure Site CA" from the drop-down menu.

IIRC, the certificates are stored in a Java serialized file at jre/lib/security/cacerts. This is a standard Java keystore that can be manipulated with the keytool utility:

    keytool -list -keystore "$JAVA_HOME/jre/lib/security/cacerts" -storepass changeit

I believe Mac OS X now uses the operating system to handle certificates.

Tom Hawtin - tackline
source
Does this have anything to do with the system's own root certificates? (For example, Windows' certmgr.msc.)
Pacerier
4
@Pacerier No, Java maintains its own list of trusted CAs.
Hexaholic
7

Although the Oracle JRE (formerly the Sun JRE) ships with a variety of certificates, as Tom mentioned, on Windows the JRE will also use the certificates associated with the current browser by default for applets and Web Start applications (as long as you use "Internet Explorer 5.0 or higher or Mozilla 1.4 or higher").

It should "just work" if you want to do signature verification, HTTPS server authentication or HTTPS client authentication (for example, signing Web Start applications with a corporate certificate that has already been installed on your machine). For more complicated use cases you may find this document more useful

rxg
source
1

I just downloaded jre1.6.0 and ran the command above:

    Keystore type: JKS
    Keystore provider: SUN

    Your keystore contains 43 entries

    entrustclientca, Jan 9, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): DA:79:C1:71:11:50:C2:34:39:AA:2B:0B:0C:62:FD:55:B2:F9:F5:80
    verisignclass3g2ca, Mar 25, 2004, trustedCertEntry, 
    Certificate fingerprint (SHA1): 85:37:1C:A6:E5:50:14:3D:CE:28:03:47:1B:DE:3A:09:E8:F8:77:0F
    thawtepersonalbasicca, Feb 12, 1999, trustedCertEntry, 
    Certificate fingerprint (SHA1): 40:E7:8C:1D:52:3D:1C:D9:95:4F:AC:1A:1A:B3:BD:3C:BA:A1:5B:FC
    addtrustclass1ca, May 2, 2006, trustedCertEntry, 
    Certificate fingerprint (SHA1): CC:AB:0E:A0:4C:23:01:D6:69:7B:DD:37:9F:CD:12:EB:24:E3:94:9D
    verisignclass2g3ca, Mar 25, 2004, trustedCertEntry, 
    Certificate fingerprint (SHA1): 61:EF:43:D7:7F:CA:D4:61:51:BC:98:E0:C3:59:12:AF:9F:EB:63:11
    thawtepersonalpremiumca, Feb 12, 1999, trustedCertEntry, 
    Certificate fingerprint (SHA1): 36:86:35:63:FD:51:28:C7:BE:A6:F0:05:CF:E9:B4:36:68:08:6C:CE
    addtrustexternalca, May 2, 2006, trustedCertEntry, 
    Certificate fingerprint (SHA1): 02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
    valicertclass2ca, Jan 20, 2005, trustedCertEntry, 
    Certificate fingerprint (SHA1): 31:7A:2A:D0:7F:2B:33:5E:F5:A1:C3:4E:4B:57:E8:B7:D8:F1:FC:A6
    entrustsslca, Jan 9, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): 99:A6:9B:E6:1A:FE:88:6B:4D:2B:82:00:7C:B8:54:FC:31:7E:15:39
    equifaxsecureebusinessca2, Jul 18, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): 39:4F:F6:85:0B:06:BE:52:E5:18:56:CC:10:E1:80:E8:82:B3:85:CC
    equifaxsecureebusinessca1, Jul 18, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): DA:40:18:8B:91:89:A3:ED:EE:AE:DA:97:FE:2F:9D:F5:B7:D1:8A:41
    thawtepremiumserverca, Feb 12, 1999, trustedCertEntry, 
    Certificate fingerprint (SHA1): 62:7F:8D:78:27:65:63:99:D2:7D:7F:90:44:C9:FE:B3:F3:3E:FA:9A
    verisignclass2g2ca, Mar 25, 2004, trustedCertEntry, 
    Certificate fingerprint (SHA1): B3:EA:C4:47:76:C9:C8:1C:EA:F2:9D:95:B6:CC:A0:08:1B:67:EC:9D
    addtrustqualifiedca, May 2, 2006, trustedCertEntry, 
    Certificate fingerprint (SHA1): 4D:23:78:EC:91:95:39:B5:00:7F:75:8F:03:3B:21:1E:C5:4D:8B:CF
    gtecybertrustca, May 10, 2002, trustedCertEntry, 
    Certificate fingerprint (SHA1): 90:DE:DE:9E:4C:4E:9F:6F:D8:86:17:57:9D:D3:91:BC:65:A6:89:64
    entrustglobalclientca, Jan 9, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): CF:74:BF:FF:9B:86:81:5B:08:33:54:40:36:3E:87:B6:B6:F0:BF:73
    utnuserfirsthardwareca, May 2, 2006, trustedCertEntry, 
    Certificate fingerprint (SHA1): 04:83:ED:33:99:AC:36:08:05:87:22:ED:BC:5E:46:00:E3:BE:F9:D7
    starfieldclass2ca, Jan 20, 2005, trustedCertEntry, 
    Certificate fingerprint (SHA1): AD:7E:1C:28:B0:64:EF:8F:60:03:40:20:14:C3:D0:E3:37:0E:B5:8A
    verisignclass1g3ca, Mar 25, 2004, trustedCertEntry, 
    Certificate fingerprint (SHA1): 20:42:85:DC:F7:EB:76:41:95:57:8E:13:6B:D4:B7:D1:E9:8E:46:A5
    thawteserverca, Feb 12, 1999, trustedCertEntry, 
    Certificate fingerprint (SHA1): 23:E5:94:94:51:95:F2:41:48:03:B4:D5:64:D2:A3:A3:F5:D8:8B:8C
    verisignclass3ca, Oct 27, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): 74:2C:31:92:E6:07:E4:24:EB:45:49:54:2B:E1:BB:C5:3E:61:74:E2
    entrustgsslca, Jan 9, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): 89:39:57:6E:17:8D:F7:05:78:0F:CC:5E:C8:4F:84:F6:25:3A:48:93
    geotrustglobalca, Jul 18, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): DE:28:F4:A4:FF:E5:B9:2F:A3:C5:03:D1:A3:49:A7:F9:96:2A:82:12
    verisignclass1g2ca, Mar 25, 2004, trustedCertEntry, 
    Certificate fingerprint (SHA1): 27:3E:E1:24:57:FD:C4:F9:0C:55:E8:2B:56:16:7F:62:F5:32:E5:47
    utnuserfirstclientauthemailca, May 2, 2006, trustedCertEntry, 
    Certificate fingerprint (SHA1): B1:72:B1:A5:6D:95:F9:1F:E5:02:87:E1:4D:37:EA:6A:44:63:76:8A
    comodoaaaca, May 2, 2006, trustedCertEntry, 
    Certificate fingerprint (SHA1): D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49
    baltimorecybertrustca, May 10, 2002, trustedCertEntry, 
    Certificate fingerprint (SHA1): D4:DE:20:D0:5E:66:FC:53:FE:1A:50:88:2C:78:DB:28:52:CA:E4:74
    equifaxsecureca, Jul 18, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): D2:32:09:AD:23:D3:14:23:21:74:E4:0D:7F:9D:62:13:97:86:63:3A
    verisignclass2ca, Oct 27, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): 67:82:AA:E0:ED:EE:E2:1A:58:39:D3:C0:CD:14:68:0A:4F:60:14:2A
    verisignserverca, Jun 29, 1998, trustedCertEntry, 
    Certificate fingerprint (SHA1): 44:63:C5:31:D7:CC:C1:00:67:94:61:2B:B6:56:D3:BF:82:57:84:6F
    entrust2048ca, Jan 9, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): 80:1D:62:D0:7B:44:9D:5C:5C:03:5C:98:EA:61:FA:44:3C:2A:58:FE
    utndatacorpsgcca, May 2, 2006, trustedCertEntry, 
    Certificate fingerprint (SHA1): 58:11:9F:0E:12:82:87:EA:50:FD:D9:87:45:6F:4F:78:DC:FA:D6:D4
    soneraclass2ca, Mar 28, 2006, trustedCertEntry, 
    Certificate fingerprint (SHA1): 37:F7:6D:E6:07:7C:90:C5:B1:3E:93:1A:B7:41:10:B4:F2:E4:9A:27
    utnuserfirstobjectca, May 2, 2006, trustedCertEntry, 
    Certificate fingerprint (SHA1): E1:2D:FB:4B:41:D7:D9:C3:2B:30:51:4B:AC:1D:81:D8:38:5E:2D:46
    verisignclass1ca, Mar 25, 2004, trustedCertEntry, 
    Certificate fingerprint (SHA1): 90:AE:A2:69:85:FF:14:80:4C:43:49:52:EC:E9:60:84:77:AF:55:6F
    gtecybertrustglobalca, May 10, 2002, trustedCertEntry, 
    Certificate fingerprint (SHA1): 97:81:79:50:D8:1C:96:70:CC:34:D8:09:CF:79:44:31:36:7E:F4:74
    baltimorecodesigningca, May 10, 2002, trustedCertEntry, 
    Certificate fingerprint (SHA1): 30:46:D8:C8:88:FF:69:30:C3:4A:FC:CD:49:27:08:7C:60:56:7B:0D
    soneraclass1ca, Mar 28, 2006, trustedCertEntry, 
    Certificate fingerprint (SHA1): 07:47:22:01:99:CE:74:B9:7C:B0:3D:79:B2:64:A2:C8:55:E9:33:FF
    thawtepersonalfreemailca, Feb 12, 1999, trustedCertEntry, 
    Certificate fingerprint (SHA1): 20:99:00:B6:3D:95:57:28:14:0C:D1:36:22:D8:C6:87:A4:EB:00:85
    gtecybertrust5ca, May 10, 2002, trustedCertEntry, 
    Certificate fingerprint (SHA1): 47:C5:4C:BC:DA:5D:76:CE:62:88:38:11:AC:11:66:5D:55:F4:2C:00
    verisignclass3g3ca, Mar 25, 2004, trustedCertEntry, 
    Certificate fingerprint (SHA1): 13:2D:0D:45:53:4B:69:97:CD:B2:D5:C3:39:E2:55:76:60:9B:5C:C6
    godaddyclass2ca, Jan 20, 2005, trustedCertEntry, 
    Certificate fingerprint (SHA1): 27:96:BA:E6:3F:18:01:E2:77:26:1B:A0:D7:77:70:02:8F:20:EE:E4
    equifaxsecureglobalebusinessca1, Jul 18, 2003, trustedCertEntry, 
    Certificate fingerprint (SHA1): 7E:78:4A:10:1C:82:65:CC:2D:E1:F1:6D:47:B4:40:CA:D9:0A:19:45
ruediste
source
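
As an added example (not part of any answer above), the list can also be obtained from inside the JVM, which shows the trust anchors actually in effect for TLS rather than the contents of one file. The class name `ListTrustAnchors` and the 2048-bit RSA review threshold are assumptions made for this illustration.

```java
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Date;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Added example: inventory the trust anchors the running JVM uses by default.
public class ListTrustAnchors {

    // Colon-separated hex digest of the DER encoding, the layout keytool prints.
    static String fingerprint(X509Certificate cert, String algorithm) throws Exception {
        byte[] digest = MessageDigest.getInstance(algorithm).digest(cert.getEncoded());
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) {
            if (sb.length() > 0) sb.append(':');
            sb.append(String.format("%02X", b));
        }
        return sb.toString();
    }

    // Review flags: anchors past their notAfter date and RSA keys below 2048 bits
    // (the threshold is an assumption of this example).
    static String findings(X509Certificate cert, Date now) {
        StringBuilder sb = new StringBuilder();
        if (now.after(cert.getNotAfter())) sb.append(" EXPIRED");
        if (cert.getPublicKey() instanceof RSAPublicKey) {
            int bits = ((RSAPublicKey) cert.getPublicKey()).getModulus().bitLength();
            if (bits < 2048) sb.append(" RSA-" + bits);
        }
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        // A null KeyStore makes the factory load the default trust store:
        // javax.net.ssl.trustStore if set, else lib/security/jssecacerts, else cacerts.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null);
        Date now = new Date();
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (!(tm instanceof X509TrustManager)) continue;
            for (X509Certificate ca : ((X509TrustManager) tm).getAcceptedIssuers()) {
                System.out.println(ca.getSubjectX500Principal().getName()
                        + " | notAfter=" + ca.getNotAfter()
                        + " | SHA-256=" + fingerprint(ca, "SHA-256") + findings(ca, now));
            }
        }
    }
}
```

Compile with `javac ListTrustAnchors.java` and run with `java ListTrustAnchors`; comparing the output across hosts or JRE versions shows where trust stores have drifted.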