Convert a JAVA keystore from PKCS12 to JKS

Although it’s in the man page of the keytool I think it’s worth mentioning.

JKS has a big advantage over the PKCS12-format: It knows trusted certificates. This way you can use certificates, normally untrusted by your application because the Certificate Authority (CA) is not trusted within the default keystore.

To convert your PKCS12-keystore to a JKS-type use the following line:

1
 keytool -importkeystore -srckeystore oldkeystore.pkcs -srcstoretype pkcs12 -srcstorepass oldsecret -destkeystore newkeystore.jks -deststoretype jks -deststorepass newsecret

After execution of this line you will have a 2nd keystore in the directory named “newkeystore.jks”.

About stevie

Born in the north of Germany, raised in Berlin and stayed there since. After graduating, studying applied computer science at the FHTW Berlin (now HTW Berlin), I started my own company with a former fellow student, providing high class application solutions for web and desktop for small and medium companies (see www.jnamic.com (english version to be finished) for more information). My personal favorite programming languages are PHP for the web and Java for everything else - although I must admit Java evolved very much in the past few years. I love to code and build new applications from the scratch, optimizing it through day and night till I am satisfied with it's performance. So follow my articles, share your thoughts and experience with me and have a good time browsing this blog!
This entry was posted in common and tagged , , , , . Bookmark the permalink.

Leave a Reply