What is a .jks file?

Drop any file to identify it

No upload. No signup. No sending your file halfway across the internet.
We tell you what it is, right here in your browser.

What is it

JKS is Java's answer to "where do I keep my certificates?" It's a password-protected binary file that stores multiple certificates and private keys, each identified by an alias. Java application servers (Tomcat, JBoss, WebSphere), Android apps, and any JVM-based service that needs TLS typically uses a JKS file.

The keytool command (included with every JDK) manages JKS files: creating keystores, importing certificates, generating key pairs, and listing contents. The command syntax is verbose (`keytool -list -v -keystore server.jks -storepass changeit`) but reliable. Every Java developer has typed these commands at some point.

JKS is being superseded by PKCS#12 (.p12) as the default keystore format in newer Java versions. Java 9+ uses PKCS#12 by default for new keystores. For existing JKS files, conversion is straightforward: `keytool -importkeystore -srckeystore old.jks -destkeystore new.p12 -deststoretype PKCS12`.

Technical details

Full Name

Java KeyStore

MIME Type

application/x-java-keystore

Developer

Sun Microsystems (now Oracle)

Magic Bytes

FE ED FE ED

Safety

What opens it

keytool (JDK CLI)

FREE Windows / Mac / Linux

KeyStore Explorer

FREE Windows / Mac / Linux

FAQ

How do I view the contents of a JKS file?

`keytool -list -v -keystore server.jks` lists all entries with details. KeyStore Explorer (free GUI) provides a visual interface for browsing and managing JKS contents.

Should I use JKS or PKCS#12?

PKCS#12 (.p12) for new projects — it's the standard across platforms and the default in modern Java. Convert existing JKS to P12 with keytool -importkeystore.

Related formats

Drop any file to identify it

Drop it!

Couldn't identify this file