July 20, 2001, 12:00 AM — Sun's cryptographic libraries provide support for two different
proprietary keystores. The traditional keystore, available from
the "SUN" provider in the standard JDK, is called the "JKS" keystore.
The alternate keystore, available from the "SunJCE" provider in the JCE
(Java Cryptography Extension), is called the "JCEKS" keystore. Which
one should you use?
If you're not using the JCE, then the answer is easy. Your only option
is to use the JKS keystore. If, however, you have installed the JCE and
you are using JCE functionality, then your best bet is the JCEKS
keystore. This keystore provides much stronger protection for stored
private keys by using Triple DES encryption.
Migrating up from JKS to JCEKS is relatively easy. You can find
complete instructions at