In development mode (when ``devMode = true``, see :doc:`corda-configuration-file` for more information) a pre-configured keystore will be used if the keystore does not exist.
The utility creates certificate signing request based on node information obtained from the node configuration.
The following information from the node configuration file is needed to generate a certificate signing request.
:myLegalName:Your company's legal name. e.g. "R3 CEV, LLC"
:nearestCity:e.g. "London"
:emailAddress:e.g. "admin@company.com"
:certificateSigningService:Certificate signing server URL. A certificate signing server will be hosted by R3 in the near future. e.g."https://testnet.certificate.corda.net"
A new pair of private and public keys will be generated by the utility and will be used to create the request.
The utility will submit the request to the network permissioning server and poll for a result periodically to retrieve the certificates.
Once the request has been approved and the certificates downloaded from the server, the utility will create the key store and trust store using the certificates and the generated private key.
..note:: You can exit the utility at anytime if the approval process is taking longer then expected. The request process will resume on restart.
This process only needs to be done once when the node connects to the network for the first time, or when the certificate expires.
A ``certificates`` folder containing the keystore and trust store will be created in the base directory when the process is completed.
..warning:: The keystore is protected by the keystore password from the node configuration file. The password should kept safe to protect the private key and certificate.
..note:: Password encryption in node configuration will be supported in subsequent release.