Generating the Java Keystore

Java keystores provide a convenient mechanism for storing and deploying X.509 certificates and private keys.

To create a private key, use the keystore tool located in the $JAVA_HOME/bin directory. You are required to use these private keys when calling Event Stream Processor utilities. For instance, esp_cluster_admin requires a self-signed private key.
Note: Steps 2 to 9 use sample values. The values you enter may vary.
  1. From the command line, run the following script to generate a self-signed key:
    keytool -genkey -alias username -keyalg RSA -keysize 1024 -keystore filename.jks
    Note: The user name and keystore filename required in the command are variable.
    Press Return.
  2. Enter a new keystore password.
    Enter keystore password: testpass
    Note: The password does not appear as you type for security reasons.
    Press Return.
  3. Re-enter the new keystore password.
    Re-enter new password: testpass
    Note: The password does not appear as you type for security reasons.
    Press Return.
  4. Enter your first and last name.
    What is your first and last name?
  [Unknown]:  john smith
    Press Return.
  5. Enter the name of your organizational unit.
    What is the name of your organizational unit?
  [Unknown]:  business
    Press Return.
  6. Enter the name of your organization.
    What is the name of your organization?
  [Unknown]:  company name
    Press Return.
  7. Enter the name of your city or locality.
    What is the name of your City or Locality?
  [Unknown]:  new york
    Press Return.
  8. Enter the name of your state or province.
    What is the name of your State or Province?
  [Unknown]:  new york
    Press Return.
  9. Enter your two-letter country code.
    What is the two-letter country code for this unit?
  [Unknown]:  us
    Press Return.
  10. Enter yes or y to verify that your information is correct.
    Is CN=john doe, OU=business, O=company name, L=new york, ST=new york, C=us correct?
  [no]:  y
    Press Return.
  11. Enter your key password for <ceptest> and press Return. If the key password and keystore password are the same, simply hit Return to provide the necessary value.
    Enter key password for <ceptest>
        <RETURN if same as keystore password>:
    Note: The password does not appear as you type for security reasons.
    Your new keystore file is created.
Parent topic: Secure Sockets Layer (SSL) Connections