Invalid keystore format - tomcat

I have generated a certificate using the Bouncy Castle library; my sample code is below:

    String domainName       ="localhost";
    String certPath         ="C://testCert.crt";

    KeyPairGenerator keyPairGenerator;
    try {
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider ());

        keyPairGenerator = KeyPairGenerator.getInstance("RSA");

        keyPairGenerator.initialize(1024);
        KeyPair KPair = keyPairGenerator.generateKeyPair();

        X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); 


        v3CertGen.setSerialNumber(BigInteger.valueOf(Math.abs(new SecureRandom().nextInt())));
        v3CertGen.setIssuerDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));
        v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
        v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365*10)));
        v3CertGen.setSubjectDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));

        v3CertGen.setPublicKey(KPair.getPublic());
        v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption");

        X509Certificate pkCertificate = v3CertGen.generateX509Certificate(KPair.getPrivate());  

        KeyStore keystore = KeyStore.getInstance("JKS");
        keystore.load(null, null);
        keystore.setKeyEntry("test", KPair.getPrivate(), "password".toCharArray(), new X509Certificate[] {pkCertificate});


        FileOutputStream fos;

        fos = new FileOutputStream(certPath);
        fos.write(pkCertificate.getEncoded());
        fos.close();


    }catch (Exception e1) {
        e1.printStackTrace();
    }

The certificate was generated successfully without any compilation error, but on startup of Tomcat this error was generated:

"SEVERE: Failed to load keystore type JKS with path C:/testCert.crt due to Invalid keystore format"

The entry in server.xml is as below:

<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" maxHttpHeaderSize="8192"
           maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" 
           disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" 
           clientAuth="false" sslProtocol="TLS" keystoreAlias="test" keystorePass="password" 
           keystoreFile="C:/testCert.crt" />


You don't need to write the encoded form of the certificate to the file (fos.write(pkCertificate.getEncoded()); is the wrong thing to do), but use keystore.store(fos, "password".toCharArray()); instead.
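
To check what was actually written to the file that keystoreFile points at, the following added example (not part of the original question or answer) classifies data by its leading bytes, using the JKS magic number 0xFEEDFEED and the DER layout of certificates and PKCS#12 files. The class name KeystoreFileCheck is hypothetical and the certificate bytes are a constructed sample.

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;

public class KeystoreFileCheck {

    /** Classify a file by its leading bytes (pass at least the first 10). */
    static String classify(byte[] b) {
        if (b.length < 4) return "too short to identify";
        int magic = ((b[0] & 0xFF) << 24) | ((b[1] & 0xFF) << 16)
                  | ((b[2] & 0xFF) << 8) | (b[3] & 0xFF);
        if (magic == 0xFEEDFEED) return "JKS keystore";
        if (magic == 0xCECECECE) return "JCEKS keystore";
        if (new String(b, StandardCharsets.US_ASCII).startsWith("-----BEGIN"))
            return "PEM text, not a keystore";
        if ((b[0] & 0xFF) == 0x30) {
            // DER SEQUENCE: skip the length octets, then look at the first inner tag.
            int lenByte = b[1] & 0xFF;
            int inner = 2 + (lenByte > 0x80 ? (lenByte & 0x7F) : 0);
            if (inner < b.length) {
                int tag = b[inner] & 0xFF;
                if (tag == 0x02) return "PKCS#12 keystore (starts with a version INTEGER)";
                if (tag == 0x30) return "DER X.509 certificate, not a keystore";
            }
            return "DER data of unknown kind";
        }
        return "unknown";
    }

    public static void main(String[] args) throws Exception {
        // What keystore.store(...) writes; the keystore is left empty for brevity.
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, "password".toCharArray());
        System.out.println("store() output:      " + classify(out.toByteArray()));

        // Constructed sample: leading bytes of a DER certificate, the kind of
        // data that pkCertificate.getEncoded() returns.
        byte[] derCert = {0x30, (byte) 0x82, 0x01, (byte) 0xF4,
                          0x30, (byte) 0x82, 0x01, 0x5D, (byte) 0xA0, 0x03};
        System.out.println("getEncoded() output: " + classify(derCert));
    }
}
```

Running classify over the first bytes of the real file shows whether Tomcat is being handed a keystore or a bare certificate before the connector is restarted.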
