A common request is that when a server is configured for SSL the alias to use from the KeyStore can be specified - this can be a little short sighted as a huge advantage of multiple entries in a single KeyStore is that different entries can be used depending on the selected cipher suite.

A better option may be to add alias filtering so a wrapper KeyStore can still make a number of underlying entries available.

Alias filtering is better handled at the KeyStore level as the KeyManager should be performing additional checks to ensure the keys and signatures are compatible with the current cipher suite.