# Secret Type - CERTJKS

The CERTJKS-Type is the same as the [CERT-Type](https://vault.koudingspawn.de/supported-secret-types/secret-type-cert). The only difference is that it converts the saved Certificate into a Java Key Store.

### How To

First please read the part of [CERT-TYPE](https://vault.koudingspawn.de/supported-secret-types/secret-type-cert), because the Vault-CRD expects the Certificate in a specific format.

After this you can create the following Vault resource in Kubernetes:

```yaml
apiVersion: "koudingspawn.de/v1"
kind: Vault
metadata:
  name: test-certjks
spec:
  path: "secret/test-url.example.com"
  type: "CERTJKS"
```

This will generate the Vault resource and also the secret:

```
$ kubectl get vault test-certjks
NAME           AGE
test-certjks   8d
```

```
$ kubectl get secret test-certjks
NAME           TYPE      DATA      AGE
test-certjks   Opaque    1         8d
```

By default the Key Store is saved in the key.jks path. You can change it with the [jksConfiguration](https://vault.koudingspawn.de/secret-type-pkijks#jksconfiguration) as described in [PKIJKS](https://vault.koudingspawn.de/secret-type-pkijks#jksconfiguration).

### Change Adjustment Callback

For more details please see [Change Detection](https://vault.koudingspawn.de/change-detection)!