Using standard keystore tools

Airlock IAM uses JCEKS keystores as the default type for external secrets. Standard tools such as keytool can be used to manage secrets and to create new keystores. See the keytool man pages for details.

Example: listing keystore entries with the standard keytool:

keytool -keystore sensitive-values.jceks -storetype JCEKS -list

We do not recommend writing values to a keystore using external tools, for the following reasons:

  • If IAM changes, for example, the encoding of secrets, the manual management would have to be adapted as well.
  • If IAM at some point switches to a different keystore type or employs better encryption algorithms, manual management may not benefit from these improvements.
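
In line with the recommendation above, external tooling can stay read-only. The following added example (not part of the Airlock IAM documentation) parses the output of the keytool -list command shown earlier and reports expected secrets that are missing or stored under a different entry type. The alias names and the sample listing are constructed, and aliases are assumed not to contain ", ".

```shell
#!/bin/sh
# Added example: read-only audit of a JCEKS keystore via `keytool -list`.
# Alias names and the sample listing are constructed for illustration.

# Turn non-verbose `keytool -list` output (stdin) into "alias<TAB>type" lines.
# Entry lines look like "alias, <creation date>, SecretKeyEntry,". The date
# is locale-dependent and may contain commas, so only the text before the
# first ", " (alias) and the trailing entry type are used.
parse_listing() {
    awk 'match($0, /(SecretKeyEntry|PrivateKeyEntry|trustedCertEntry),[ \t]*$/) {
        kind = substr($0, RSTART); sub(/,[ \t]*$/, "", kind)
        name = $0; sub(/, .*/, "", name)
        printf "%s\t%s\n", name, kind
    }'
}

# $1: raw keytool listing; remaining args: aliases expected to hold secrets.
# Prints one finding per alias that is absent or not a SecretKeyEntry.
check_secrets() {
    parsed=$(printf '%s\n' "$1" | parse_listing); shift
    for name in "$@"; do
        kind=$(printf '%s\n' "$parsed" |
               awk -F'\t' -v a="$name" '$1 == a { print $2 }')
        case $kind in
            SecretKeyEntry) ;;
            "") echo "MISSING $name" ;;
            *)  echo "WRONGTYPE $name $kind" ;;
        esac
    done
}

# Constructed sample of what `keytool -list` prints for a JCEKS keystore.
SAMPLE_LISTING='Keystore type: JCEKS
Keystore provider: SunJCE

Your keystore contains 3 entries

db-password, Jan 5, 2024, SecretKeyEntry,
ldap-bind, Jan 5, 2024, SecretKeyEntry,
tls-server, Jan 5, 2024, PrivateKeyEntry,
Certificate fingerprint (SHA-256): <placeholder>'

# Real use, with the command from this page (nothing is written):
#   listing=$(keytool -keystore sensitive-values.jceks -storetype JCEKS -list)
#   check_secrets "$listing" db-password ldap-bind
check_secrets "$SAMPLE_LISTING" db-password ldap-bind tls-server smtp-password
```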