JDK-6209038 : merge JCEKS and JKS
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 6
  • Priority: P5
  • Status: Resolved
  • Resolution: Won't Fix
  • OS: generic
  • CPU: generic
  • Submitted: 2004-12-15
  • Updated: 2014-06-06
  • Resolved: 2013-05-02
Related Reports
Relates :  
Relates :  
Description
Now that JCE is part of J2SE, JCEKS should be the default keystore type.  JCEKS is a superset of JKS and additionally supports secret key entries.  it also has stronger file protections.

essentially the type JCEKS will no longer be documented
(although KeyStore.getInstance("JCEKS") will still work).
KeyStore.getDefaultType will still return "JKS".
KeyStore.getInstance("JKS") will return a JCEKS.

this is backward compatible because JCEKS can read a JKS.
however an older release will not be able to parse the new JKS
(since it will be changed to JCEKS).  however this kind of campatibility
is not guaranteed.
###@###.### 2004-12-15 17:28:58 GMT

Comments
This issue is addressed by JDK-8005408.
06-02-2014

Use PKCS12 instead. It supports stronger algorithms since JDK 8.
02-05-2013