You have generated a self signed certificate or a client gives you a certificate with a private key that was signed by the client's signing authority. You want to create a new Java keystore using your new private key or the client's existing private key.
First you need to combine the certificate and the private key using the command below.
# openssl pkcs12 -export -in certificate.crt -inkey private.key -certfile certificate.crt -name "my_tomcat_certificate" -out keystore.p12
Next you will need to use the java keytool command to create the new keystore in JKS format.
# $JAVA_HOME/bin/keytool -importkeystore -srckeystore keystore.p12 -srcstoretype pkcs12 -destkeystore /path/to/some/.keystore -deststoretype JKS
View the private key in your newly created keystore:
# $JAVA_HOME/bin/keytool -list -keystore /path/to/some/.keystore -storepass mysecretpassword
Note: If you leave out the "-storepass" parameter, you will be prompted for the password.
Keystore type: JKS Keystore provider: SUN Your keystore contains 1 entry my_tomcat_certificate, Apr 27, 2016, PrivateKeyEntry, Certificate fingerprint (SHA1): 4A:52:B4:E3:C6:CD:A5:36:F7:29:BE:A1:CD:3D:D8:2C:C4:3B:EC:D5