So, what are JKS and PFX files and why would we want to convert PFX to JKS?

If you're working in Java then the JKS (Java Key Store) is a logically expected place to store private keys. Java applications typically expect to get the keys from JKS, since Java offers ways for easy JKS management. JKS is not easily accessible from outside Java, though.

PFX (PKCS#12) files, on the other hand, are not language-dependent way to store encrypted private keys and certificates, and it has been around long enough so it's widely supported.

How to convert pfx to jks?

Direct conversion of pfx to jks is not possible, but from JAVA version 6, we can import PKCS certificate into Java keystore.

1. First, we need to create an empty keystore.

Open command window and type:

keytool -genkey -alias foo -keystore testKeystore.jks

2. Enter data keytool asks you for.

3. Import .pfx into keystore you created using this command:

keytool -importkeystore -srckeystore keystore.pfx -srcstoretype pkcs12 -destkeystore testKeystore.jks -deststoretype JKS

4. Enter destination and source keystore password.

5. Check if all of your certificates from pfx are imported into JKS.

keytool -list testKeystore.jks