Java Keytool Introduction

Advanced Encryption Standard (AES)

Generate a Java Keystore and Secret Key

Advanced Encryption Standard (AES) Key and Keystore's

AES is used for private (secret) key infrastructures and signing. Cipher suites that use AES_256 might require installation of the JCE Unlimited Strength Jurisdiction Policy Files from Oracle
Optional -dname may be used for idenitfying the key

For Private Client Authentication and not for SSL/TLS Public use

Creating an AES 128 bit key

Here is how to create an AES 128 bit key with a JCEKS keystore.

 keytool -genseckey -keyalg AES -alias aes128 -keysize 128 -keypass AESKey123 -keystore this.keystore -storetype jceks -storepass changeit 

Check the AES 128 bit key and keystore creation

 keytool -list -v -keystore this.keystore -storetype jceks -storepass changeit

AES128

Creating an AES 192 bit key

Here is how to create an AES 192 bit key with a JCEKS keystore.

Creating an AES 256 bit key

Here is how to create an AES 256 bit key with a JCEKS keystore.

 keytool -genseckey -keyalg AES -alias aes256 -keysize 256 -keypass AESKey123 -sigalg SHA512withRSA -keystore that.keystore -storetype jceks -storepass changeit 

Check the AES 256 bit key and keystore creation

 keytool -list -v -keystore that.keystore -storetype jceks -storepass changeit
AES256