A Certificate Authority is a trusted company that agrees to vouch for the identity of a site, usually for a fee.
Generally, the more widely the CA is known as a reputable organization, the more they will charge you per year to verify your site's identity.
SSL provides this proof by requiring that one or more of the parties present a digital certificate into the initial negotiation of the connection, prior to the transmission of any encrypted data.
Before transmitting any data, the sender encrypts its message, and the receiver must in turn decrypt the message before processing it.Make sure this information is accurate, as you will have to submit this file to the Certificate Authority of your choice to obtain a certificate.The last thing keytool will ask you to specify is the key password, which is the password specific to this specific certificates.Rather than enter anything at this prompt, just press ENTER.This will cause keytool to set the key password to a value equivalent to the keystore password.
Again, choose whatever you like (but don't forget it).