Although it’s in the man page of the keytool I think it’s worth mentioning.
JKS has a big advantage over the PKCS12-format: It knows trusted certificates. This way you can use certificates, normally untrusted by your application because the Certificate Authority (CA) is not trusted within the default keystore.
To convert your PKCS12-keystore to a JKS-type use the following line:
keytool -importkeystore -srckeystore oldkeystore.pkcs -srcstoretype pkcs12 -srcstorepass oldsecret -destkeystore newkeystore.jks -deststoretype jks -deststorepass newsecret
After execution of this line you will have a 2nd keystore in the directory named “newkeystore.jks”.