When Apinizer Worker applications are requested to be opened with HTTPS, they support both pfx and jks certificates. However, organizations may still want to install pfx certificates in jks format.

This document explains how this conversion can be done using the "Keystore Explorer" program to assist with this situation.

Converting Certificate Files to jks Format with Keystore Explorer (KSE)

The pfx file is opened with Keystore Explorer (KSE).

Right-click on the file, and select Export Key Pair.

The keypair is exported in pkcs12 format with a .p12 extension.

Select the "Create New Keystore" option and choose the JKS type.

Import the previously exported .p12 file into the newly created file using the "Import Key Pair" option:

Optional alias can be entered. It should be noted that if there are other certificates with the same alias, they should not be overwritten.

A new password is given, the point to be noted is that the given password and the jks password must be the same, if there is no password, jks must not have a password either.

Then right click on the imported keypair and select export certificate chain option:

When exporting, the Entire Chain and X.509 options must be selected.

Afterwards, this exported certificate is imported to jks. Optional alias can be entered. Note that if there is a certificate with the same alias, it should not be overwritten.

Finally, it should be like this:

The file is closed by saving it with the password given to the keypair.