I'm working with java keystores for the first time. Is there a standard extension / suffix for a keystore? Are they typically named .ks? If it's a java keystore am I supposed to use .jks? I would like to follow a naming convention if one is generally accepted.
To easily distinguish keystores and trurststores, the recommendation is if it is used as a keystore, start the names or imbed in the names something like "keystore-" or "ks-" . Apply the same rule to truststores, name them like "truststore" or "ts-".
A Java KeyStore is a container that stores certificates with their matching private keys. We'll use a combination of keytool and openssl commands to convert from PEM to JKS. The keytool command comes with the JDK (Java Development Kit) and is used to convert from PEM to PKCS12.
Security file commonly used by (IDEs), such as Eclipse and Unity, to verify application developers; stores a set of cryptographic keys or certificates in the binary Java Key Store (JKS) format.
An alias is specified when you add an entity to the keystore using the -genseckey command to generate a secret key, -genkeypair command to generate a key pair (public and private key) or the -importcert command to add a certificate or certificate chain to the list of trusted certificates.
For Java keystores, IBM appears to suggest .jks
See here that when specifying Java keystore settings, they use .jks as the extension.
It depends on the key store type. The default type for Java is JKS so .jks makes sense. Other key store types exist such as PKCS12. Typical file extensions for PKCS12 key stores are .p12 and .pfx. Looking at the file extensions in the open file window for Portecle, it considers .ks, .jks, .jceks, .p12, .pfx, .bks, and .ubr as possibilies. I've only ever encountered .jks, .p12, and .pfx myself however.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With