{{Short description|Software development tool for security}}
A '''Java KeyStore''' ('''JKS''') is a [[content repository|repository]] of security certificates{{spaced ndash}} and corresponding private keys, either [[authorization certificate]]s or [[public key certificate]]s{{spaced ndash}} plus corresponding [[Private key|private keys]], used for instance in [[Transport Layer Security|SSLTLS encryption]].
In [[IBM WebSphere Application Server]] and [[Oracle WebLogic Server]], a file with extension ''jks'' serves as a keystore.
The [[Java Development Kit]] maintains a [[certificate authority|CA]] keystore file named ''cacerts'' in folder ''jre/lib/security/cacerts''. JDKs provide a tool named ''keytool''<ref>[httphttps://docs.oracle.com/en/java/javase/617/docs/technotesspecs/tools/solarisman/keytool.html The ''keytool'' Command - Keya key and Certificatecertificate management Managementutility Tool]</ref> to manipulate the keystore. ''keytool'' has no functionality to extract the private key out of the keystore, but this is possible with third-party tools like jksExportKey,<ref>[http://miteff.com/jksexportkey jksExportKey - A free tool for exporting private keys out of the keystore as standalone files]</ref> CERTivity,<ref>[http://www.edulib.com/products/keystores-manager/ CERTivity - A multi-platform visual tool for managing keystores]</ref> Portecle<ref>[http://portecle.sourceforge.net Portecle - Portecle is an open-source GUI application for creating, managing and examining keystores.]</ref> and KeyStore Explorer.<ref>[http://keystore-explorer.sourceforge.netorg KeyStore Explorer - An open source GUI replacement for the Java command-line utilities keytool, jarsigner and jadtool.]</ref>
==See also==
*[[Java Secure Socket Extension]]
*[[Keyring (cryptography)]]
*[[Public- key infrastructure]]
==References==
{{Reflist}}
==External links==
* [https://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html Javadoc for KeyStore]
