Java KeyStore explained

A Java KeyStore (JKS) is a repository of security certificates either authorization certificates or public key certificates plus corresponding private keys, used for instance in TLS encryption.

In IBM WebSphere Application Server and Oracle WebLogic Server, a file with extension jks serves as a keystore.

The Java Development Kit maintains a CA keystore file named cacerts in folder jre/lib/security. JDKs provide a tool named keytool[1] to manipulate the keystore. keytool has no functionality to extract the private key out of the keystore, but this is possible with third-party tools like jksExportKey, CERTivity,[2] Portecle[3] and KeyStore Explorer.[4]

See also

External links

Notes and References

  1. https://docs.oracle.com/en/java/javase/17/docs/specs/man/keytool.html The keytool Command - a key and certificate management utility
  2. http://www.edulib.com/products/keystores-manager/ CERTivity - A multi-platform visual tool for managing keystores
  3. http://portecle.sourceforge.net Portecle - Portecle is an open-source GUI application for creating, managing and examining keystores.
  4. http://keystore-explorer.org KeyStore Explorer - An open source GUI replacement for the Java command-line utilities keytool, jarsigner and jadtool.