4. Generate Public and Private Keys

This step must be repeated on all agent and manager host machines.

Generate a key pair (a public key and associated private key). Wrap the public key into an X.509 v1 self-signed certificate, which is stored as a single-element certificate chain. This certificate chain and the private key are stored in a new keystore entry identified by alias.

In the following command, the -dname parameters designates the X.500 Distinguished Name for the host where you are generating the certificates. The commonName field must be the machine's hostname.

$ keytool -genkey -alias alias -keyalg RSA -keysize 1024 -sigalg MD5withRSA
          -dname "CN=commonName, OU=orgUnit, O=org, L=location, S=state, C=country"
          -keypass passPhrase -storetype jks -keystore yourHome/.keystore
          -storepass passPhrase

Previous: 3. Designate your Security Provider
Next: 5. Export a Local Certificate