diff --git a/changelogs/fragments/9970-pkcs12_alias_cert_alias_optional.yml b/changelogs/fragments/9970-pkcs12_alias_cert_alias_optional.yml new file mode 100644 index 0000000000..aff7b126c3 --- /dev/null +++ b/changelogs/fragments/9970-pkcs12_alias_cert_alias_optional.yml @@ -0,0 +1,2 @@ +bugfixes: + - java_cert - the module no longer fails if the optional parameters ``pkcs12_alias`` and ``cert_alias`` are not provided (https://github.com/ansible-collections/community.general/pull/9970). diff --git a/plugins/modules/java_cert.py b/plugins/modules/java_cert.py index 8746c2d617..b75021fc57 100644 --- a/plugins/modules/java_cert.py +++ b/plugins/modules/java_cert.py @@ -315,12 +315,13 @@ def _export_public_cert_from_pkcs12(module, executable, pkcs_file, alias, passwo "-noprompt", "-keystore", pkcs_file, - "-alias", - alias, "-storetype", "pkcs12", "-rfc" ] + # Append optional alias + if alias: + export_cmd.extend(["-alias", alias]) (export_rc, export_stdout, export_err) = module.run_command(export_cmd, data=password, check_rc=False) if export_rc != 0: @@ -393,6 +394,10 @@ def import_pkcs12_path(module, executable, pkcs12_path, pkcs12_pass, pkcs12_alia keystore_path, keystore_pass, keystore_alias, keystore_type): ''' Import pkcs12 from path into keystore located on keystore_path as alias ''' + optional_aliases = { + "-destalias": keystore_alias, + "-srcalias": pkcs12_alias + } import_cmd = [ executable, "-importkeystore", @@ -401,13 +406,14 @@ def import_pkcs12_path(module, executable, pkcs12_path, pkcs12_pass, pkcs12_alia "pkcs12", "-srckeystore", pkcs12_path, - "-srcalias", - pkcs12_alias, "-destkeystore", keystore_path, - "-destalias", - keystore_alias ] + # Append optional aliases + for flag, value in optional_aliases.items(): + if value: + import_cmd.extend([flag, value]) + import_cmd += _get_keystore_type_keytool_parameters(keystore_type) secret_data = "%s\n%s" % (keystore_pass, pkcs12_pass) 
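Review bot: Omitting `-alias` when `alias` is empty in `_export_public_cert_from_pkcs12` does not make keytool export whichever entry the PKCS12 holds; keytool documents `mykey` as the default for `-alias`, so the export will probably fail or pick an unintended entry unless the file happens to use that alias. If the exported certificate feeds the comparison against the keystore, as the function name suggests, the fallback should be explicit: resolve the alias first (for example from a `-list` of the PKCS12) or fail with a clear message when the file holds more than one entry. At minimum the new comment should say so, e.g. `# keytool falls back to its default alias ("mykey") when -alias is omitted`. The function starts and ends outside this hunk, so the export subcommand and the use of its output are not visible here.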
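Review bot: In `import_pkcs12_path` the loop over `optional_aliases` appends the two flags independently, but as far as I know keytool's `-importkeystore` accepts `-destalias` only together with `-srcalias`. If `keystore_alias` can be set while `pkcs12_alias` is empty, reject that up front instead of letting it surface as a keytool error, e.g. `if keystore_alias and not pkcs12_alias: module.fail_json(msg="a destination alias requires pkcs12_alias")`. When neither alias is given, keytool imports every entry of the source keystore under its original alias, which can add more private keys and certificates to the destination than the playbook author intended. That behaviour deserves a sentence in the docstring, which still reads "as alias". The `optional_aliases` dict added in the preceding hunk could then become two plain `if` statements; the function body continues outside both hunks.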
diff --git a/tests/integration/targets/java_cert/tasks/main.yml b/tests/integration/targets/java_cert/tasks/main.yml index 25ec87e8f9..f572f22ee2 100644 --- a/tests/integration/targets/java_cert/tasks/main.yml +++ b/tests/integration/targets/java_cert/tasks/main.yml @@ -10,7 +10,6 @@ - when: has_java_keytool block: - - name: prep pkcs12 file ansible.builtin.copy: src: "{{ test_pkcs12_path }}" @@ -33,6 +32,21 @@ that: - result_success is successful + - name: import pkcs12 without alias params + community.general.java_cert: + pkcs12_path: "{{ remote_tmp_dir }}/{{ test_pkcs12_path }}" + pkcs12_password: changeit + keystore_path: "{{ remote_tmp_dir }}/{{ test_keystore_path }}" + keystore_pass: changeme_keystore + keystore_create: true + state: present + register: result_success_excl_aliases + + - name: verify success + ansible.builtin.assert: + that: + - result_success_excl_aliases is successful + - name: import pkcs12 with wrong password community.general.java_cert: pkcs12_path: "{{ remote_tmp_dir }}/{{ test_pkcs12_path }}"
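Review bot: The new `import pkcs12 without alias params` task is checked only with `result_success_excl_aliases is successful`, which would also pass if the module reported success without importing anything, or imported more entries than expected. Consider adding `- result_success_excl_aliases is changed`, provided the keystore does not already hold the entry at that point, plus a follow-up task that lists the keystore and asserts which aliases are present. A case with `cert_alias` set and `pkcs12_alias` omitted would cover the remaining combination of the two optional parameters.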