I am trying to create a PKCS12 keystore file using Java API. However as soon as I try to import the certificate I get the exception

我正在尝试使用 Java API 创建一个 PKCS12 密钥库文件。但是，一旦我尝试导入证书，我就会收到异常

java.security.KeyStoreException: TrustedCertEntry not supported

my code is:

我的代码是：

Provider p = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME);
...
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(null, keystorePass);

keyStore.setCertificateEntry("certificate", certificate);

keyStore.setKeyEntry("key",privateKey, keypass, certChain);

The same approach works for creating JKS files but failed for PKCS12 files.

相同的方法适用于创建 JKS 文件，但无法用于 PKCS12 文件。

Note: The certificate given to this program as input is created by the server using the CSR generated with the same private key used here. I.e. the public modulus for the given certificate, CSR used to generate it and the given private key are the same.

注意：作为输入提供给该程序的证书是由服务器使用使用此处使用的相同私钥生成的 CSR 创建的。即给定证书的公共模数、用于生成它的 CSR 和给定的私钥是相同的。

The server cert is stored in variable certChain.

服务器证书存储在变量 certChain 中。

Note: I have tried OpenSSL to create the pkcs12 and I was successful, however I need to do the same using Java API.

注意：我已经尝试使用 OpenSSL 创建 pkcs12 并且我成功了，但是我需要使用 Java API 做同样的事情。

Note: I am using JDK 7

注意：我使用的是 JDK 7