I am referring this link to configure the CA certifiate. I have a question here. The alias name which is used during 1)generating keypairs and 2)Certificate singing request should be the one used while importing the final CA into the keystore and truststore? or can it be imported with different alias?
The alias of the keypair, the CSR, and the imported signed certificate must all be the same.
Otherwise the keytool has no way of associating the signed certificate with the private key.