How to create Java Keystore with existing SSL certificate

Secure Sockets Layer (SSL), more commonly called TLS is a protocol that is used to secure communication between systems. This protocol uses a public key, a private key and a random symmetric key to encrypt data.

An SSL certificate is a digital certificate that authenticates a website’s identity and enables an encrypted connection. Organizations need to get CA-signed SSL certificates to serve their web applicaitons over the HTTPS.

In Java based application servers, KeyStore store the SSL key details. Keystore comes with a private/public key pair that is used for all purposes, such as encrypting sensitive information, communicating over SSL.

Keystore can be generated from existing CA signed SSL certificate or can generate Keysore and later get it signed via a certificate signing request (CSR).

Since SSL is widely used in many systems, certificates may already exist that can be reused. In such situations, you can use an already existing CA-signed certificate to generate your keystore for SSL by using OpenSSL and Java keytool.

Note: CA signed SSL certificate now can be easlily created using https://certbot.eff.org/

Steps to Generate KeyStore: