I am trying to generate a keystore. I have set a password for the keystore but I am trying to not set a password for the key.
keytool -storepass "$password" -keystore ${PFX_broker}server.keystore.jks -alias $brokerCertAlias -validity $validity -genkey -dname "CN=$CN" -noprompt;
The above command will prompt me for a key password which defaults to the store pass when I press enter.
Is it possible to skip setting a password for the key altogether and not have a prompt?
There are parameters to specify key and store passwords
-keypass <your-pass> and -storepass <your-pass>
E.g.
keytool -storepass pass123 -keypass pass123 -keystore keystore.jks -alias myalias -validity 99 -genkey -noprompt
I know this is an old question but I'm facing the same issue and adding -keypass password and because I have a store source too, I'm adding -srcstorepass password for me works. Try this:
keytool -storepass "$password" -keystore ${PFX_broker}server.keystore.jks -alias $brokerCertAlias -validity $validity -genkey -dname "CN=$CN" -noprompt -keypass "$password" -srcstorepass "$password"
But might be different in your case.
It seems keytool always requires a password for both the store and the key. There is no way around it.