Using Certificates from Netscape

retrieved e.g., if the key has been damaged. Retrieving a private key typically requires a password; this may or may not be the same password that was used to read the entire keystore. This allows private keys to be stored encrypted so they cannot be read without the appropriate password. If the class that provides encryption cannot be found, this method throws a NoSuchAlgorithmException.

public final Certificate[] getCertificateChain(String alias)
Return the certificate chain that verifies the entry associated with the given alias, which must represent a key entry. For an alias that represents a certificate entry, and for a key entry that stores a secret key, this method returns null.

public final Certificate getCertificate(String alias)
Return the certificate associated with the given alias. If the alias represents a key entry with a private key, the certificate returned is the user's certificate (that is, the first certificate in the entry's certificate chain); certificate entries have only a single certificate.

public final String getCertificateAlias(Certificate cert)
Return the alias that corresponds to the entry that matches the given certificate (using the equals() method of certificate comparison). If no matches occur, null is returned.

public final void setKeyEntry(String alias, byte key[], Certificate chain[])
public final void setKeyEntry(String alias, Key k, char[] password, Certificate chain[])
Assign the given private or secret key and certificate chain to the key entry represented by the given alias, creating a new key entry if necessary. Any previous private key and certificate chain or secret key for this entry are lost; if the previous entry was a certificate entry, it now becomes a key entry. If the key is a secret key, the certificate chain should be null. A KeyStoreException is thrown if the key entry cannot be encrypted by the internal encryption algorithm of the keystore.
Note that when the key is passed in as a series of bytes, it is not encrypted -- in this case, you are expected to have performed the encryption yourself.

public final void setCertificateEntry(String alias, Certificate c)
Assign the given certificate to the certificate entry represented by the given alias, creating a new entry if necessary. If an entry for this alias already exists and is a key entry, a KeyStoreException is thrown. Otherwise, if an entry for this alias already exists, it is overwritten.

Note that there is no method that returns an entire entry; you must use the specific methods (such as the getKey() method) to obtain the individual pieces of information you need.

These are the basic methods by which we can manage a keystore. We'll see examples of many of these methods throughout the rest of this book; for now, let's look at a simple example that handles basic operations on a keystore:

package javasec.samples.ch10;

import java.io.*;
import java.security.*;
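The per-entry password and the null chain for secret keys, described above, can be seen in the following added example. It is not the book's listing: the class name, the alias, both passwords and the choice of the PKCS12 keystore type are assumptions made for the illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.Arrays;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

// Added example (hypothetical class, not from the book): a secret-key entry
// protected by its own password, distinct from the keystore password.
public class KeyEntryPasswordDemo {
    public static void main(String[] args) throws Exception {
        // Constructed sample passwords; real code would prompt for them.
        char[] storePass = "store-password".toCharArray();
        char[] keyPass = "entry-password".toCharArray();

        KeyStore ks = KeyStore.getInstance("PKCS12"); // type assumed for the demo
        ks.load(null, null);                           // start from an empty keystore

        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey secret = kg.generateKey();

        // A secret key has no certificate, so the chain argument is null.
        ks.setKeyEntry("session", secret, keyPass, null);

        // Round-trip through the serialized form, as if written to disk.
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, storePass);
        KeyStore reloaded = KeyStore.getInstance("PKCS12");
        reloaded.load(new ByteArrayInputStream(out.toByteArray()), storePass);

        System.out.println("is key entry:  " + reloaded.isKeyEntry("session"));
        System.out.println("chain is null: "
                + (reloaded.getCertificateChain("session") == null));

        // The keystore password opened the store but must not unlock the entry.
        try {
            reloaded.getKey("session", storePass);
            System.out.println("unexpected: keystore password unlocked the entry");
        } catch (UnrecoverableKeyException e) {
            System.out.println("keystore password rejected for the entry");
        }

        Key k = reloaded.getKey("session", keyPass);
        System.out.println("key recovered: "
                + Arrays.equals(k.getEncoded(), secret.getEncoded()));
    }
}
```

Keeping the entry password separate means that code able to load the keystore and list its aliases still cannot extract the key material without the second secret.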