Run the following command in your terminal. This creates a PKCS12 keystore, which is the industry standard for modern Spring Boot applications.
keytool -genkeypair \
-alias signature-key \
-keyalg RSA \
-keysize 2048 \
-sigalg SHA256withRSA \
-storetype PKCS12 \
-keystore keystore.p12 \
-validity 365 \
-dname "CN=Your Name, OU=Dev, O=Company, L=City, S=State, C=US"
-genkeypair: Generates a key pair (public and private key).-alias: The identifier used in your Kotlin code (app.security.key-alias).-keyalg RSA: The encryption algorithm (RSA is the standard for PDF signatures).-keysize 2048: Security strength. 2048 is standard; 4096 is even more secure but slower.-storetype PKCS12: The format required for.p12files.-validity 365: Number of days the certificate is valid.-dname: Distinguished Name.CN(Common Name) should ideally be the name of the signer or the server.
Once generated, place the keystore.p12 file in your project structure:
src/main/resources/keystore.p12
To ensure the keystore was created correctly and see its contents, run:
keytool -list -v -keystore keystore.p12 -storetype PKCS12