How to convert PKCS#12 (pfx) container to Java Keystore (jks)

Prerequisits

  • Certificate Container in PKCS#12 format, containing:
    – Private Key
    – Intermediate Certificates
    – Root Certificates
  • Password for the private key in PKCS#12 container
  • Keystore Explorer (Download)

Preparations

Install Keystore Explorer

Install by using default values, afterwards lauch Keystore Explorer. On the first launch you’ll receive a message like this.

Download “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6”

Select the downloaded ZIP file, click on Upgrade and restart Keystore Explorer.

Convert PKCS#12 to JavaKeystore

Create a new container

In Keystore Explorer select File – New or ‘Create a new Keystore’ from dashboard.

select JKS as the new KeyStore type.

Import PKCS#12 container

Select Import Keypair, the two yellow key icons.

Select PKCS#12 as source format.

Select your PKCS#12 container and enter your password.

Set JKS Alias

Enter alias ‘tomcat’ if you want to use your JavaKeystore for a Tomcat Webserver.

Enter the same password as the private key has, otherwise you will face issues in case you want to use the JavaKeysore with Tomcat.

Save as JKS

Select File – Save as

Enter the same password as the private key has, otherwise you will face issues in case you want to use the JavaKeysore with Tomcat.

Save your file as .jks container.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.