IBM Support

From version JDK9 and higher, the default keystore type generated when using Keytool is set to PKCS12, this can cause compatibility issues with MQ Client applications like MQ Explorer

Troubleshooting


Problem

A JKS keystore is created using Java Keytool but it can NOT be accessed through MQ Explorer.
Possible error code returned is AMQ4598.
In earlier versions of JDK, the Java Keytool default to create a keystore of type JKS. From JDK version 9 and higher, the default keystore type is PKCS12.
https://blogs.oracle.com/jtc/jdk9-keytool-transitions-default-keystore-to-pkcs12
For demonstration purposes, we use (a)the Keytool command to create a JKS keystore and (b)display its content using the runmqckm command:
(a)- keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore sotre1.jks -dname "CN= store1,OU=1, O=ORG, L=Durham, ST=NC, C=US"
(b)- runmqckm -cert -list -db store1.jks -type JKS -pw password
An IO Exception has occurred:
Invalid keystore format

Explanation:
From version JDK9 and higher, the default keystore type generated when using Keytool is set to PKCS12.
MQ Explorer is a java application that understands and can decrypt JKS keystore type only.

Document Location

Worldwide

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"Component":"","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB77","label":"Automation Platform"}},{"Product":{"code":"SSKM59","label":"IBM MQ for HPE NonStop"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB77","label":"Automation Platform"}},{"Product":{"code":"SS5K6E","label":"IBM MQ Appliance"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Document Information

Modified date:
28 April 2025

UID

ibm15124675

Page Feedback