The Private Key is a file created from the host address, company name, and location. This is paired with a Public Key.
Certificate Request File:
The CSR File is generated from a Private Key. It is an encoded text file based on the same information used to create the Private Key: host address, company name, location. This file is sent to a Certificate Authority to generate a CA-signed Public Key.
The Public Key is paired with a Private Key. The Private Key in an SSL setup is stored on the server, and the Public Key is sent to the client. The Public Key is also known as the certificate.
Java uses another container file called the Keystore File. This can be named anything, and located anywhere. In CSA you enter this file location under the Security tab of Server Properties. It is protected by a password, which you also enter in CSA. The most important point here is that the keystore contains your private key. You cannot extract your private key from this file. You can only create a private key by placing it in a keystore file. A keystore file can contain multiple private/public key pairs. They are differentiated by an alias. If you do not specify an alias, the default alias 'mykey' is used. We have not tried using a keystore with multiple key pairs with Orion.
This is the cryptic JDK command line that you use to do everything mentioned above.