A keystore is a file that serves as a database of public and private key pairs and their certificates. The Java keytool utility, located in %JAVA_HOME%/bin, is used to generate the public/private key pairs.
To generate a keystore, perform the following actions:
- Open a Command Prompt window, type the following command, and press ENTER:
%JAVA_HOME%\bin\keytool -genkey -alias [alias name] -keystore [keystoreName] -keyalg [algorithm] -validity [days in integer] -storepass [store password] -keypass [key password]
Here is a brief description of the options used in the keytool command:
| Key | Description |
|---|---|
| -genkey | Requests keytool to generate a key pair |
| -alias | Identifies the new key pair within the keystore |
| -storetype | Declares the type of the keystore. JKS is the default type |
| -keyalg | Declares the algorithm to be used; we are using the RSA public key algorithm, which is the default |
| -storepass | Specifies the password for the entire keystore |
| -keypass | Specifies the password for the new key pair |
| -validity | Validity of the key pair in days |
| -keystore | File that holds the public and private key pairs |
For example, to generate the keystore in the directory d:\WorkStudio\keystore, the command would be:
D:\WorkStudio\keystore>%JAVA_HOME%\bin\keytool -genkey -alias client1 -keystore client1.keystore -keyalg RSA -validity 365 -storepass cl1storepass -keypass cl1keypass
Press ENTER. The result of the command is shown in the figure below.
Figure 1: Running the keytool command
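To confirm what the command produced, the following added example (not part of the original page) loads the keystore and checks the alias, the two passwords, and the validity period. It assumes the file, alias, and passwords from the example command above and a JKS-type store; the class name InspectKeystore is hypothetical.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.time.Duration;

public class InspectKeystore {
    public static void main(String[] args) throws Exception {
        // Values taken from the example command on this page.
        String file = "client1.keystore", alias = "client1";
        char[] storePass = "cl1storepass".toCharArray();
        char[] keyPass = "cl1keypass".toCharArray();

        // -storepass opens the keystore and verifies its integrity check.
        KeyStore ks = KeyStore.getInstance("JKS"); // assumption: JKS store
        try (InputStream in = new FileInputStream(file)) {
            ks.load(in, storePass); // IOException here means wrong store password
        }
        if (!ks.isKeyEntry(alias)) {
            throw new IllegalStateException("No key pair under alias " + alias);
        }

        // -keypass protects the private key itself; when the two passwords
        // differ, the store password must not be enough to recover the key.
        try {
            ks.getKey(alias, storePass);
            System.out.println("WARNING: store password also unlocks the key");
        } catch (UnrecoverableKeyException e) {
            System.out.println("Store password alone cannot recover the key");
        }
        Key key = ks.getKey(alias, keyPass);
        System.out.println("Private key algorithm: " + key.getAlgorithm());

        // The self-signed certificate carries the public key and -validity.
        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
        cert.checkValidity(); // throws if expired or not yet valid
        long days = Duration.between(cert.getNotBefore().toInstant(),
                                     cert.getNotAfter().toInstant()).toDays();
        System.out.println("Subject: " + cert.getSubjectX500Principal());
        System.out.println("Validity window: " + days + " days");
        if (cert.getPublicKey() instanceof RSAPublicKey) {
            RSAPublicKey rsa = (RSAPublicKey) cert.getPublicKey();
            System.out.println("RSA modulus bits: " + rsa.getModulus().bitLength());
        }
    }
}
```

Compile and run it from the directory that contains client1.keystore; a validity window other than 365 days or a missing alias means the keystore was not created with the options shown above.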