Core certificate functionality comes from Bouncycastle, and this keytool pluing currently supports: JKS and PKCS #12.
JKS stands for Java Keystore, and is what is mainly used in java.
It's SUN's keyring format including private keys, authentication chain and friendly name. The keystore can import/export X.509 certificates.
Default extension: .cer for certificates, and .keystore, cacerts for keystores.
Personal Information Exchange, is a keystore that can contain one or more certificates.
Internet Explorer can import PKCS #12 keystores.
Default extension: .pfx, p12.