In order to create a new KeyStore, click on Menu File > New KeyStore
or use the
default keyboard shortcut CTRL+N
. A new window for the new
created KeyStore will be opened. The Create New KeyStore File dialog is
more complex than in a standard MDI application, because there are more
settings to be bound from the beginning such as the KeyStore password and
type. Protection being an important factor it is important to bind the
KeyStore file name with the password from the beginning.
The available KeyStore types are:
jks - Java KeyStore (Oracle's KeyStore format);
pkcs12 - Public-Key Cryptography Standards #12 KeyStore (RSA's Personal Information Exchange Syntax Standard);
jceks - Java Cryptography Extension KeyStore (More secure version of JKS);
bks - Bouncy Castle KeyStore (Bouncy Castle's version of JKS);
bks-v1 - Legacy version of Bouncy Castle KeyStore - this has been added for people needing to create and manage key stores compatible with earlier versions of Bouncy Castle (less than 1.49);
uber - Bouncy Castle UBER KeyStore (More secure version of BKS).
When creating (and in general handling) a pkcs12 or a uber type KeyStore, longer passwords either for the KeyStore of the Key Pairs requires that you have the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files installed. If you are not allowed to install it then you will need to use smaller passwords (e.g. maximum 7 characters). Otherwise you may encounter "Illegal Key Size" errors when accessing pkcs12 or uber files or keys inside them.
This is a matter of import control restrictions in most of the countries and is not related to technical reasons.