What is the significance of "key password" in keystore using keytool
As the JavaDoc states
The keypass value that you are prompted for specifies a password for the private key about to be generated. You will always need this password in order to access the keystore entry containing that key. The entry doesn't have to have its own password. When you are prompted for the key password, you are given the option of letting it be the same as the keystore password.
A keystore can contain multiple keys and each of these keys can only be accessed using password. So keytool is just giving you an option if you wish to keep the key password same as the keystore you are creating.
As already answered by @Maas, keyPassword is required to access the key entry that is stored in the KeyStore.
The way it happens is first KeyStore Password is used to access/unlock the KeyStore and then keyPassword is used to decrypt the key entry that is there inside that KeyStore.
Generally various implementations/use of ssl consider using same password for KeyStorePassword and keyPassword
That is what is the case in tomcat also. If you see the document tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html they have clearly stated that "your private key password and keystore password should be the same. If they differ, you will get an error along the lines of java.io.IOException: Cannot recover key, as documented in Bugzilla issue 38217, which contains further references for this issue"
Even JSSE implementation wants KeyStorePassword and KeyPassword to be same.
https://access.redhat.com/documentation/en-US/Fuse_MQ_Enterprise/7.1/html/Security_Guide/files/SSL-SysProps.html
https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#KeyManagerFactory