A Java KeyStore (JKS) is a repository of security certificates – either authorization certificates or public key certificates – plus corresponding private keys, used for instance in TLS encryption.
In IBM WebSphere Application Server and Oracle WebLogic Server, a file with extension jks serves as a keystore.
The Java Development Kit maintains a CA keystore file named cacerts in folder jre/lib/security. JDKs provide a tool named keytool1 to manipulate the keystore. keytool has no functionality to extract the private key out of the keystore, but this is possible with third-party tools like jksExportKey, CERTivity,2 Portecle3 and KeyStore Explorer.4
References
References
- The keytool Command - a key and certificate management utility
- CERTivity - A multi-platform visual tool for managing keystores
- Portecle - Portecle is an open-source GUI application for creating, managing and examining keystores.
- KeyStore Explorer - An open source GUI replacement for the Java command-line utilities keytool, jarsigner and jadtool.