I tried creating a keytool using the following command in my C:\Program Files\Java\jdk15.x.x_x\bin:
keytool -genkey -alias demospring -keyalg RSA -keystore demospring.jks -keysize 2048
I am being asked to create the password, but not the alias password. Am I missing something? I am still pretty new to the concept. Thanks for any help in advance!
Since Java version 9, the default keystore has transitioned from JKS to PKCS12 (read here). JKS is Java's proprietary format and PKCS12 is more of a standard format (which is understood by various other applications).
The difference between these two formats in terms of the keypass is that in JKS you can set a different keystore password (the password that protects the keystore) and key password (a second password that protects the key, which could be the same as the keystore password), but for PKCS12 they both have to be the same.
Since the storepass and keypass are the same, keytool won't prompt for the keypass; it will just use the storepass. Once you create your keystore, if you view the details of the keystore using the -list command, it will show you its format.
If you pass in the keypass argument for a PKCS12 keystore, keytool will show you this warning:
Warning: Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified -keypass value.
You can change the keystore type format with the -storetype argument. But if you use JKS as the storetype, keytool will show you this warning:
Warning: The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore demospring.jks -destkeystore demospring.jks -deststoretype pkcs12".
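The command in the question writes to demospring.jks, yet on Java 9 and later the content is PKCS12, so the extension says nothing about the format. The following is an added example, not part of the original answer, that classifies keystore files by their leading bytes; the function names are illustrative and the sample header bytes are constructed.

```python
"""Classify Java keystore files by leading bytes instead of file extension."""
import sys
from pathlib import Path

JKS_MAGIC = bytes.fromhex("feedfeed")    # proprietary JKS header
JCEKS_MAGIC = bytes.fromhex("cececece")  # JCEKS header
DER_SEQUENCE = 0x30                      # PKCS12 (PFX) is an ASN.1 SEQUENCE


def keystore_format(header: bytes) -> str:
    """Return 'JKS', 'JCEKS', 'PKCS12' or 'unknown' for the first bytes of a file."""
    if header[:4] == JKS_MAGIC:
        return "JKS"
    if header[:4] == JCEKS_MAGIC:
        return "JCEKS"
    if len(header) >= 2 and header[0] == DER_SEQUENCE:
        length_byte = header[1]
        # Short form: one length byte. Long form 0x8N: N more length bytes.
        # 0x80 is BER indefinite length, which has no extra length bytes.
        skip = 2 + (length_byte & 0x7F if length_byte > 0x80 else 0)
        # A PFX begins with INTEGER version 3, encoded as 02 01 03.
        if header[skip:skip + 3] == b"\x02\x01\x03":
            return "PKCS12"
    return "unknown"


def audit(path: Path) -> tuple[str, bool]:
    """Return (detected format, True when a .jks name hides a non-JKS file)."""
    with path.open("rb") as fh:
        detected = keystore_format(fh.read(16))
    misleading = path.suffix.lower() == ".jks" and detected != "JKS"
    return detected, misleading


if __name__ == "__main__":
    if len(sys.argv) > 1:
        for name in sys.argv[1:]:
            fmt, misleading = audit(Path(name))
            note = "  (extension is .jks but content is not JKS)" if misleading else ""
            print(f"{name}: {fmt}{note}")
    else:
        # Constructed sample headers, not taken from real keystores.
        samples = {
            "JKS header": bytes.fromhex("feedfeed00000002"),
            "PKCS12 header": bytes.fromhex("3082099a020103308209"),
        }
        for label, data in samples.items():
            print(f"{label}: {keystore_format(data)}")
```

Run it with one or more keystore paths as arguments to check files on disk; it only reads the first 16 bytes and never needs the store password.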