In SSL handshake,
- TrustStore is to verify credentials
- stores certificates from third party, Java application communicate or certificates signed by CA(certificate authorities like Verisign) which can be used to identify third party.
- KeyStore is to provide credential.
- stores private key and certificates corresponding to there public keys and require if you are SSL Server or SSL requires client authentication