Salesforce uses JKS files to store information about the valid certificates used for API communication. The challenge is that JKS is not a format very common in the .net applications – we more often use certs in PKCS12 format.
How to convert JKS file to PKCS12 file?
Before you start conversion it is good to verify if JKS file contains only one certificate – the one you need. To verify what is inside the JKS file you can use “KeyStore Explorer” application that you can download here.
When you open the JKS file with KeyStore Explorer you will see something like this:
In my case the keytool is available in the path:
When you find the keytool you can run the following command to convert jks into pkcs12 file:
C:\Program Files\ojdkbuild\java-1.8.0-openjdk-22.214.171.124-1\bin\keytool.exe' -importkeystore -srckeystore xxxxxxxxxxxxxx.jks -destkeystore xxxxxxxxxxxxxx.p12 -srcstoretype JKS -deststoretype PKCS12
Just replace “xxxxxxxxxxxxxx” file name of you jks file and the name of the p12 that should be generated.
If everything went fine you can now use your cert in a new format to sign data that you send to Salesforce. More info about that you will find in the article “Sitecore and Salesforce custom integration – Salesforce JWT bearer token generation“