The command line tool "keytool" as part of the JDK is not the best tool from an usability perspective. There is the issue of various signature algorithms (DSA,RSA etc), various keystore types(JKS,pkcs12 etc), generation of CSRs etc.
I did play around with the "keyman" tool available from IBM for free. Quite decent.
I came across the following OSS tool "CSRTool". I have not yet played around with it.