# GenerateKeystore() Generates a Java keystore with a key pair and self-signed certificate. **Requires Extension:** [Crypto Extension](https://download.lucee.org/#17AB52DE-B300-A94B-E058FC978BE4542D) ``` GenerateKeystore( keystore=string, keystorePassword=string, alias=string, algorithm=string, subject=string, options=struct ); ``` **Returns:** void # Arguments | Argument | Type | Required | Description | Default | |----------|------|----------|-------------|---------| | keystore | string | Yes | Path to keystore file to create | | | keystorePassword | string | Yes | Password for the keystore | | | alias | string | Yes | Alias for the key entry | | | algorithm | string | No | Key algorithm (RSA-2048, RSA-4096, P-256, P-384, Ed25519, etc.). Default: RSA-2048 | | | subject | string | No | X.500 distinguished name for the certificate. Default: CN=localhost | | | options | struct | No | Optional struct with: keystoreType (PKCS12\|JKS), keyPassword, validityDays | | # Examples ```cfml // Generate a PKCS#12 keystore containing a key pair and self-signed certificate // Useful for Java/Lucee SSL configuration, code signing, etc. // Create a keystore with an RSA key pair GenerateKeystore( "/path/to/keystore.p12", "keystorePassword", "mykey", // alias to identify this key "RSA-2048", "CN=localhost, O=My Company, C=AU" ); // Create a keystore with an EC key pair GenerateKeystore( "/path/to/ec-keystore.p12", "keystorePassword", "eckey", "P-256", "CN=ec-example.com, O=My Company, C=AU" ); // List the aliases in the keystore aliases = KeystoreList( "/path/to/keystore.p12", "keystorePassword" ); // [ "mykey" ] // Extract the key pair and certificate from the keystore result = GetKeyPairFromKeystore( "/path/to/keystore.p12", "keystorePassword", "keystorePassword", // key password (defaults to keystore password if empty) "mykey" ); // result.private - PEM-encoded private key // result.public - PEM-encoded public key // result.certificate - PEM-encoded certificate ``` # Categories [Cryptography](../../categories/crypto.md) # See Also [GetKeyPairFromKeystore()](getkeypairfromkeystore.md), [KeystoreList()](keystorelist.md)