.jks are just file extensions: it’s up to you to name your files sensibly. Some application use a keystore file stored in
$HOME/.keystore: it’s usually implied that it’s a JKS file, since JKS is the default keystore type in the Sun/Oracle Java security provider. Not everyone uses the
.jks extension for JKS files, because it’s implied as the default. I’d recommend using the extension, just to remember which type to specify (if you need).
In Java, the word keystore can have either of the following meanings, depending on the context:
- the API: http://docs.oracle.com/javase/6/docs/api/java/security/KeyStore.html
- a file (or other mechanism) that can be used to back this API
When talking about the file and storage, this is not really a storage facility for key/value pairs (there are plenty or other formats for this). Rather, it’s a container to store cryptographic keys and certificates (I believe some of them can also store passwords). Generally, these files are encrypted and password-protected so as not to let this data available to unauthorized parties.
Java uses its
KeyStore class and related API to make use of a keystore (whether it’s file based or not).
JKS is a Java-specific file format, but the API can also be used with other file types, typically PKCS#12. When you want to load a keystore, you must specify its keystore type. The conventional extensions would be:
"PKCS12"(the specification name is PKCS#12, but the
#is not used in the Java keystore type name).
In addition, BouncyCastle also provides its implementations, in particular BKS (typically using the
.bks extension), which is frequently used for Android applications