GenerateKeystore()
Generates a Java keystore with a key pair and self-signed certificate.
Requires Extension: Crypto Extension
GenerateKeystore( keystore=string, keystorePassword=string, alias=string, algorithm=string, subject=string, options=struct );
Returns: void
| Argument | Description |
|---|---|
|
keystore
string,
required
|
edit
Path to keystore file to create |
|
keystorePassword
string,
required
|
edit
Password for the keystore |
|
alias
string,
required
|
edit
Alias for the key entry |
|
algorithm
string,
optional
|
edit
Key algorithm (RSA-2048, RSA-4096, P-256, P-384, Ed25519, etc.). Default: RSA-2048 |
|
subject
string,
optional
|
edit
X.500 distinguished name for the certificate. Default: CN=localhost |
|
options
struct,
optional
|
edit
Optional struct with: keystoreType (PKCS12|JKS), keyPassword, validityDays |
Examples
edit// Generate a PKCS#12 keystore containing a key pair and self-signed certificate
// Useful for Java/Lucee SSL configuration, code signing, etc.
// Create a keystore with an RSA key pair
GenerateKeystore(
"/path/to/keystore.p12",
"keystorePassword",
"mykey", // alias to identify this key
"RSA-2048",
"CN=localhost, O=My Company, C=AU"
);
// Create a keystore with an EC key pair
GenerateKeystore(
"/path/to/ec-keystore.p12",
"keystorePassword",
"eckey",
"P-256",
"CN=ec-example.com, O=My Company, C=AU"
);
// List the aliases in the keystore
aliases = KeystoreList( "/path/to/keystore.p12", "keystorePassword" );
// [ "mykey" ]
// Extract the key pair and certificate from the keystore
result = GetKeyPairFromKeystore(
"/path/to/keystore.p12",
"keystorePassword",
"keystorePassword", // key password (defaults to keystore password if empty)
"mykey"
);
// result.private - PEM-encoded private key
// result.public - PEM-encoded public key
// result.certificate - PEM-encoded certificate
See also
- Cryptography
- GetKeyPairFromKeystore()
- KeystoreList()
- Search Issue Tracker open_in_new
- Search Lucee Test Cases open_in_new (good for further, detailed examples)