# Secret Type - PKIJKS

The PKIJKS-Type is the same as the [PKI-Type](/supported-secret-types/secret-type-pki.md). The only difference is that it converts the issued certificate into a Java Key Store.

### How TO

How to generate a PKI is documented by HashiCorp in their Secrets Engine documentation. For a short simple example please see the [How To section of PKi-Type.](/supported-secret-types/secret-type-pki.md#how-to)

After you have generated a PKI create the Vault resource in Kubernetes:

```yaml
apiVersion: "koudingspawn.de/v1"
kind: Vault
metadata:
  name: test-pkijks
spec:
  path: "testpki/issue/testrole"
  type: "PKIJKS"
  pkiConfiguration:
    commonName: "localhost"
    ttl: "7m"
  jksConfiguration:
    password: "changeit"
```

Now you should see the Vault resource in Kubernetes and the newly generated secret:

```
$ kubectl get vault test-pkijks
NAME          AGE
test-pkijks   8d
```

```
$ kubectl get secret test-pkijks
NAME          TYPE      DATA      AGE
test-pkijks   Opaque    1         8d
```

The Java Key Store is saved by default in the key.jks field. It's possible to change the field via the jksConfiguration Object:

### jksConfiguration

```yaml
jksConfiguration:
  password: "changeit"
  alias: "main"
  keyName: "key.jks"
```

The field password defines the password that's used to secure the Key Store. The alias is for defining the name of the TLS-Certificate in the Key store and the key name is for specifying the save path in the secret.

### Change Adjustment Callback

For more details please see [Change Detection](/change-detection.md)!


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://vault.koudingspawn.de/supported-secret-types/secret-type-pkijks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.