Generate keystores
To continue, you must have the following files either from a trusted CA or created with OpenSSL:
- cacert.pem
- serverkey.pem
- servercert.pem
Then, follow these steps to generate the keystores.
1. Convert the servercert.pem file to PKCS12 format (*.p12) using the following command:
   openssl pkcs12 -export -in servercert.pem -inkey serverkey.pem -out servercert.p12 -name servercertificate
   The converted file (servercert.p12) acts as a server certificate and is used to generate the keystore. When prompted for Export Password, enter a password and keep the password safe.
2. Create a Java keystore file by converting the servercert.p12 file to Java Keytool format using the following command:
   keytool -importkeystore -destkeystore servercert.jks -srckeystore servercert.p12 -srcstoretype PKCS12 -alias servercertificate
   When prompted for the destination keystore password, enter a password and keep it safe. It will be used as the keystore password in the server.xml file. When prompted for the source keystore password, enter the export password of the servercert.p12 file created in step 1.
3. Go to the demoCA folder (cd demoCA) and create a Java truststore file by converting the cacert.pem file to Java Keytool format using the following command:
   keytool -import -keystore cacerts.jks -alias cacert -file cacert.pem
   When prompted for the keystore password, enter a password and keep the password safe. It will be used as the truststore password in the server.xml file.
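The following pre-flight script is an added example, not part of the original procedure: it checks that the three PEM inputs are consistent before they are converted, so that a mismatched key or a certificate from the wrong CA is caught before it ends up in a keystore. The function names are illustrative assumptions, and the private key is assumed to be unencrypted.

```shell
#!/usr/bin/env bash
# Added example: pre-flight checks for cacert.pem, servercert.pem and
# serverkey.pem. Function names are illustrative; only standard openssl
# subcommands are used. Assumes serverkey.pem is not passphrase-protected.

# The certificate's public key must equal the one derived from the private
# key; otherwise the keystore would hold a key that does not fit its cert.
key_matches_cert() {  # usage: key_matches_cert servercert.pem serverkey.pem
    local cert_pub key_pub
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# The server certificate must verify against the CA certificate that will be
# imported into the truststore.
chains_to_ca() {  # usage: chains_to_ca cacert.pem servercert.pem
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# A certificate that has already expired should not be packaged.
not_expired() {  # usage: not_expired cert.pem
    openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1
}

# Run every check, report each failure, return non-zero if any check failed.
preflight() {  # usage: preflight cacert.pem servercert.pem serverkey.pem
    local ca cert key rc
    ca=$1; cert=$2; key=$3; rc=0
    key_matches_cert "$cert" "$key" || { echo "FAIL: $key does not match $cert" >&2; rc=1; }
    chains_to_ca "$ca" "$cert" || { echo "FAIL: $cert does not verify against $ca" >&2; rc=1; }
    not_expired "$ca" || { echo "FAIL: $ca is expired" >&2; rc=1; }
    not_expired "$cert" || { echo "FAIL: $cert is expired" >&2; rc=1; }
    if [ "$rc" -eq 0 ]; then echo "OK: inputs are consistent"; fi
    return "$rc"
}

# Run only when invoked with the three files, for example:
#   ./preflight.sh cacert.pem servercert.pem serverkey.pem
if [ "$#" -eq 3 ]; then preflight "$@"; fi
```
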