How to convert PKCS#12 (pfx) container to Java Keystore (jks)
Prerequisits
- Certificate Container in PKCS#12 format, containing:
– Private Key
– Intermediate Certificates
– Root Certificates - Password for the private key in PKCS#12 container
- Keystore Explorer (Download)
Preparations
Install Keystore Explorer
Install by using default values, afterwards lauch Keystore Explorer. On the first launch you’ll receive a message like this.
Download “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6”
Select the downloaded ZIP file, click on Upgrade and restart Keystore Explorer.
Convert PKCS#12 to JavaKeystore
Create a new container
In Keystore Explorer select File – New or ‘Create a new Keystore’ from dashboard.
select JKS as the new KeyStore type.
Import PKCS#12 container
Select Import Keypair, the two yellow key icons.
Select PKCS#12 as source format.
Select your PKCS#12 container and enter your password.
Set JKS Alias
Enter alias ‘tomcat’ if you want to use your JavaKeystore for a Tomcat Webserver.
Enter the same password as the private key has, otherwise you will face issues in case you want to use the JavaKeysore with Tomcat.
Save as JKS
Enter the same password as the private key has, otherwise you will face issues in case you want to use the JavaKeysore with Tomcat.
Save your file as .jks container.