The PKCS12 implementation was enhanced in JDK 8 to support storing secret keys and trusted certificates. This capability should be backported to JDK 7 to support users migrating from JKS/JCEKS keystores on that JDK release.
JDK-8200095Support secret keys and trusted certs in PKCS12 keystore
JDK-8171319keytool should print out warnings when reading or generating cert/cert req using weak algorithms
JDK-8177569keytool should not warn if signature algorithm used in cacerts is weak