Java Key Store- Symmetric Encryption

Creating a Java KeyStore for Symmetric Encryption


1) Create a directory named keystore in your home directory.

2) To create a key in a new KeyStore decide following-

• the alias of the key

• the password for the key

• the size of key. It can be 128 bits or 256 bits.

• the password for the KeyStore

• the filename of the KeyStore

3) To create the key in a new KeyStore, execute the following command:

Consider the following scenario:

• The key’s alias is key1.

• The password for the key is keypwd.

• The size of key is 128 bits.

• The KeyStore password is 123456.

• The KeyStore filename is symencryption.keystore.

Command to create key and keystore:

keytool -genseckey -alias {keyalias} -keypass {keypassword} -storepass {keystore password} -keyalg AES -keysize {key size in bits} -KeyStore {filename of keystore} -storetype JCEKS


keytool -genseckey -alias key1 -keypass keypwd -storepass 123456 -keyalg AES -keysize 128 -KeyStore symencryption.keystore -storetype JCEKS

4) Give following permission to keystore-

chmod 600 symencryption.keystore

5) In the keystore directory, create an empty text file named

symencryption.keystore.passwords and set file persmissions to 400.

6) In the symencryption.keystore.passwords insert the following contents.


7) Done.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s