How to create a keystore using the keytool command in Linux

Home > Search > Linux commands > How-to

The keytool command is included with Java, thus you will need to install Java to use the keytool command.

Create keystore

A keystore contains one or more public / private key pairs (private key / public certificate).

A public / private key pair can be used to encrypt packets being transmitted over the Internet. One of the most popular uses of a public / private key pair is to encrypt the resources being transmitted to clients from a web server. The first step is to create the private key. In this example, the private key is placed on the web server so that HTTPS can be used. As the name implies, a private key is private, and should never ever be made public.


In this example, a keystore named DefaultKeystore.jks is created, with a single private key with an alias of

keytool -genkey -alias -keyalg RSA -keystore DefaultKeystore.jks -keysize 2048


In this example, a PKCS12 keystore is created.

keytool -genkey -alias -keyalg RSA -keystore DefaultKeystore.p12 -keysize 2048 -storetype PKCS12


Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter in the box below so that we can be sure you are a human.