Although you can set the ssl keystore type to pkcs12, only xmpp uses the setting. The admin console assumes the keystore is a jks type which causes it to barf big time when it tries to load the pkcs12 keystore.
The truststore is assumed to be in the same format as the keystore. If you use a pkcs12 keystore you MUST create a truststore in the same format and specify it in the properties or it’‘s not going to work. You can’'t even leave the truststore to default.
Both bugs are minor. I can provide patches for both if interested.
george
(looking forward to 3.1.0