A keystore is a file that acts as a database of public/private key pairs and their certificates. The Java keytool utility, which generates the public/private key pairs, is located in %JAVA_HOME%\bin.
To generate a keystore, perform the following actions:
- Open a Command Prompt window, type the following command, and press ENTER:
%JAVA_HOME%\bin\keytool -genkey -alias [alias name] -keystore [keystoreName] -keyalg [algorithm] -validity [days in integer] -storepass [store password] -keypass [key password]
Here is a brief description of the options used in the keytool command:

| Option | Description |
|---|---|
| -genkey | Requests keytool to generate a key pair |
| -alias | Identifies the new key pair within the keystore |
| -storetype | Declares the type of keystore. JKS is the default storetype |
| -keyalg | Declares the algorithm to be used. RSA public key is the default algorithm. |
| -storepass | Specifies the password for the entire keystore |
| -keypass | Specifies the password for the new key pair |
| -validity | Validity period of the key pair, in days |
| -keystore | File that holds the public and private key pairs |

For example, to generate the keystore in the directory d:\WorkStudio\keystore, run the following command from that directory:
D:\WorkStudio\keystore>%JAVA_HOME%\bin\keytool -genkey -alias client1 -keystore client1.keystore -keyalg RSA -validity 365 -storepass cl1storepass -keypass cl1keypass
Press ENTER. The result of the command is shown in the figure below.
Figure 1: Running the keytool command
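
To confirm what the command actually wrote, the following added example (not part of the original page) opens the keystore and reports the entry's store type, subject, key algorithm, key size and remaining validity. It assumes Java 9 or later; the class name CheckKeystore is hypothetical, and the default file name and alias are the ones from the example command above.

```java
import java.io.Console;
import java.io.File;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.time.Duration;
import java.time.Instant;
import java.util.Arrays;

// Added example (hypothetical class name): inspects the key pair entry created by keytool.
public class CheckKeystore {
    public static void main(String[] args) throws Exception {
        // Defaults are the file name and alias used in the page's example command.
        String path = args.length > 0 ? args[0] : "client1.keystore";
        String alias = args.length > 1 ? args[1] : "client1";

        Console console = System.console();
        if (console == null) {
            throw new IllegalStateException("Run from an interactive console to enter the password");
        }
        // Read the store password without echo instead of taking it as an argument.
        char[] storePass = console.readPassword("Keystore password: ");
        try {
            // Java 9+: the store type (JKS or PKCS12) is detected from the file itself.
            KeyStore ks = KeyStore.getInstance(new File(path), storePass);
            if (!ks.isKeyEntry(alias)) {
                throw new IllegalStateException("No key pair entry '" + alias + "' in " + path);
            }
            // The certificate is readable with the store password alone; no key password needed.
            X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
            PublicKey pub = cert.getPublicKey();
            System.out.println("Store type : " + ks.getType());
            System.out.println("Subject    : " + cert.getSubjectX500Principal().getName());
            System.out.println("Key alg    : " + pub.getAlgorithm());
            if (pub instanceof RSAPublicKey) {
                System.out.println("RSA bits   : " + ((RSAPublicKey) pub).getModulus().bitLength());
            }
            long daysLeft = Duration.between(Instant.now(), cert.getNotAfter().toInstant()).toDays();
            System.out.println("Expires    : " + cert.getNotAfter() + " (" + daysLeft + " days left)");
            cert.checkValidity(); // throws if the certificate is expired or not yet valid
        } finally {
            Arrays.fill(storePass, '\0'); // clear the password from memory after use
        }
    }
}
```

Compile with javac and run it from the directory that holds the keystore. keytool itself also prompts for the passwords when -storepass and -keypass are omitted, which keeps them out of the command line.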