Key Stores allow to manage the keys that are stored in a database. A Key Store must contain a key pair with a certificate signed by a trusted Certification Authority (CA). A CA is an entity trusted by all parties participating in a secure communication. This entity will certify the trusted party's public keys by signing them. Since the certificate authority is a trusted one, it will accept the public key certificates signed by that particular CA as trusted. See Setting Up Key Stores for a Client and a Service.
You an also set up a Key Store using XML configuration. See Configuring Key Stores.