Additional Keystore Formats (PKCS12)
The PKCS#12
(Personal Information Exchange Syntax Standard) specifies a portable format for storage
and/or transport of a user's private keys, certificates, miscellaneous secrets, and other items. The
IBMJSSE2
provider uses the Java™ 2 KeyStore
API that supplies a complete implementation of the PKCS12 java.security.KeyStore
format for reading and write pkcs12 files. This format is also supported by other toolkits and
applications for importing and exporting keys and certificates, such as Netscape/Mozilla,
Microsoft's Internet Explorer, and OpenSSL. For example, these implementations can export client
certificates and keys into a file using the .p12 filename extension.
With the IBMJSSE2
provider, you can access PKCS12 keys through the KeyStore API
with a keystore type of pkcs12
(or PKCS12
, the name is
case-insensitive). In addition, you can list the installed keys and associated certificates using
the keytool command with the -storetype
option set to pkcs12
or
use IKEYMAN. (See Security Tools for information about keytool.)