elasticsearch-keystore add is the only way to deal with the elasticsearch keystore.
I think you are confusing the elasticsearch keystore which is the keystore elasticsearch uses for its secure settings. You can't create this with other tools.
I think you mean the keystores that you use for TLS i.e. xpack.security.http.ssl.truststore and xpack.security.http.ssl.keystore
The keystore is picked up from $ES_PATH_CONF which defaults to $ES_HOME/config. To be clear, you cannot just point that to an external ( JKS, P12, etc. ) keystore of your own. This is an internal implementation of elasticsearch.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.