When enabling HTTPS, one defines a keystore and then sets an alias under which a private key is found in the keystore. The Swarm's configurable name for the alias of the key is swarm.http.certificate.alias, which is misleading.
It isn't an alias of a certificate entry in the keystore, it's an alias of a key entry in the keystore. Hence, it should be called swarm.http.key.alias (which would nicely complement the existing swarm.http.key.password).
Obviously, the old name should first be deprecated and only then removed.