Private and public key separately

Posted 2019-06-06 09:14

Question:

OK! I want to establish a client-server communication over SSL/TLS in Java. The server is multithreaded. With OpenSSL I acted as my own CA (created a private key and a self-signed certificate for the authority). Now I want to create keys and certs for my server and clients which are signed by the CA I created.

1) Do I have to create certs and keys from the prompt for every single client? Or is there another "automated" way, e.g. with a script?

2) I have seen this code for setting up keystores:

    import java.io.FileInputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.security.GeneralSecurityException;
    import java.security.KeyStore;

    private KeyStore clientKeyStore; // trust store: client1's certificate (TrustedCert entry)
    private KeyStore serverKeyStore; // key store: the server's private key (PrivateKey entry)

    private void setupClientKeyStore() throws GeneralSecurityException, IOException {
        clientKeyStore = KeyStore.getInstance("JKS");
        // try-with-resources closes the stream even if load() throws
        try (InputStream in = new FileInputStream("client1publickey.jks")) {
            clientKeyStore.load(in, "password".toCharArray());
        }
    }

    private void setupServerKeystore() throws GeneralSecurityException, IOException {
        char[] keyStorePassphrase = "password".toCharArray();
        serverKeyStore = KeyStore.getInstance("JKS");
        try (InputStream keyStoreResource = new FileInputStream("serverprivatekey.jks")) {
            serverKeyStore.load(keyStoreResource, keyStorePassphrase);
        }
    }

I have run the command to see what type of entries these are: client1publickey is a TrustedCert entry while serverprivatekey is a PrivateKey entry. This code is in my server class. I have this code in my client class:

    private KeyStore serverKeyStore; // trust store: the server's certificate (TrustedCert entry)
    private KeyStore clientKeyStore; // key store: client1's private key (PrivateKey entry)

    private void setupServerKeystore() throws GeneralSecurityException, IOException {
        serverKeyStore = KeyStore.getInstance("JKS");
        // file name fixed from "serverpublickwy.jks" to match the other store names
        try (InputStream in = new FileInputStream("serverpublickey.jks")) {
            serverKeyStore.load(in, "university".toCharArray());
        }
    }

    private void setupClientKeyStore() throws GeneralSecurityException, IOException {
        clientKeyStore = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream("client1privatekey.jks")) {
            clientKeyStore.load(in, "university".toCharArray());
        }
    }
The question is how I can create these jks files separately. The publickey.jks file is the cert, right? How can I have it in a file separate from the private key and have it signed by the CA? Or is there another way I can establish connections between client/server? Firstly I had created the CA with openssl, and then the two jks files for server and client included the certs and the key. Sorry for the English.