Why Do I need to use PKCS12 for my KeyStore, and JKS for my TrustStore?
The server certificate assigned to you has both a key and certificate. The Java keytool facility does not allow you to import a key into a KeyStore, it only allows you to generate a new key. OpenSSL will allow you to do this, but it cannot generate JKS format files, it can only generate PKCS12 files. On the other side, the TrustStore file can contain a list of certificates. However, OpenSSL will not create a PKCS12 file containing multiple certificates that the Java security tools can read (as far as I have been able to determine), so you need to use the Java keytool to import certificates into a TrustStore file.