I am creating a keystore using OpenSSL using the following command :
openssl pkcs12 -export -in mycert.crt -inkey mykey.key \
-out mycert.p12 -name tomcat -CAfile myCA.crt \
-caname root
as per the documentation.
Now when I try to validate the keystore using keytool -list -v -keystore mycert.p12, I am getting an Invalid Keystore Exception.
Is this because I am using Apache implementation of creating a keystore?
Also a constraint I have is that I cannot use Java keytool to create a keystore although my Java program is using to keystore for FTPS transfer.
Use -storetype pkcs12 option with keytool.
keytool -list -v -keystore mycert.p12 -storetype pkcs12
By default, keytool assumes that the keystore type is JKS and if it's not, keytool fails. If using other keystore files (.p12 in your example), you need to explicitely give a store type using the mentioned method.