JDK-4909889

The output of keytool should use standard algorithm names


    • Type: Enhancement
    • Resolution: Fixed
    • Priority: P4
    • 6
    • 1.4.0, 5.0
    • Component: security-libs
    • None
    • beta
    • generic, x86
    • generic, windows_xp
    • Verified

      In this case, I think keytool does the right thing in terms of generating the right type of keys, but if you look at the output, keytool is basically outputting whatever keyalg string the user typed in. It is not a security bug, but I think we could do much better than this. My feeling is that as a leader in this space, we should accept any input that the user makes as long as we can make some sense out of it, but when it comes to presenting the info to the user, we should promote a standard look:

      RSA is "RSA", not "RsA", "rSA", "RSa"
      SHA1WithRSA is "SHA1WithRSA", not "ShA1wItHRSA", "sHa1wIThRSA"

      genPKCS12Cert.sh:
      #CA
      keytool -genkey -v -alias pkcs12testCA -keyalg "RsA" -keysize 2048 -sigalg "ShA1wItHRSA" -dname "cn=PKCS12 Test CA, ou=Security SQE, o=JavaSoft, c=US" -validity 3650 -keypass storepass -keystore keystoreCA.jceks.data -storepass storepass -storetype jceKS

      #Lead
      keytool -genkey -v -alias pkcs12testLead -keyalg "rSA" -keysize 1024 -sigalg "mD5withRSA" -dname "cn=PKCS12 Test Lead, ou=Security SQE, o=JavaSoft, c=US" -validity 3650 -keypass storepass -keystore keystoreLead.jceks.data -storepass storepass -storetype jCeks

      #End User 1
      keytool -genkey -v -alias pkcs12testEndUser1 -keyalg "RSa" -keysize 1024 -sigalg "sHa1wIThRSA" -dname "cn=PKCS12 Test End User 1, ou=Security SQE, o=JavaSoft, c=US" -validity 3650 -keypass storepass -keystore keystoreEndUser1.jceks.data -storepass storepass -storetype Jceks


      OUTPUT:

      $ ./genPKCS12Cert.sh
      Generating 2,048 bit RsA key pair and self-signed certificate (ShA1wItHRSA)
              for: CN=PKCS12 Test CA, OU=Security SQE, O=JavaSoft, C=US
      [Saving keystoreCA.jceks.data]
      Generating 1,024 bit rSA key pair and self-signed certificate (mD5withRSA)
              for: CN=PKCS12 Test Lead, OU=Security SQE, O=JavaSoft, C=US
      [Saving keystoreLead.jceks.data]
      Generating 1,024 bit RSa key pair and self-signed certificate (sHa1wIThRSA)
              for: CN=PKCS12 Test End User 1, OU=Security SQE, O=JavaSoft, C=US
      [Saving keystoreEndUser1.jceks.data]
      $
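The behaviour the report asks for, shown as an added example (not the JDK's own fix and not keytool's code): JCA provider lookup is case-insensitive, so "RsA" and "ShA1wItHRSA" already resolve to the right implementations; the only thing missing is canonical spelling when the names are echoed back. The example takes two approaches, a case-insensitive table of standard JCA names (the small table here is an assumed subset, using the JCA spellings such as "SHA1withRSA"), and, for key algorithms, simply asking the generated key for its own algorithm name, which the provider reports in standard form.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.TreeMap;

public final class AlgNames {
    // Standard JCA names, keyed case-insensitively. Assumed subset for illustration,
    // not keytool's table: any name accepted here is printed in this exact spelling.
    private static final Map<String, String> STANDARD =
            new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
    static {
        for (String n : new String[] {
                "RSA", "DSA", "EC",
                "MD5withRSA", "SHA1withRSA", "SHA256withRSA",
                "SHA1withDSA", "SHA256withECDSA"}) {
            STANDARD.put(n, n);
        }
    }

    /** Standard spelling if the input matches a known name case-insensitively; otherwise unchanged. */
    public static String canonical(String userInput) {
        String std = STANDARD.get(userInput);
        return std != null ? std : userInput;
    }

    /** Table-free alternative for key algorithms: the provider's key object reports the standard name. */
    public static String keyAlgorithmFromProvider(String userKeyAlg, int keySize)
            throws NoSuchAlgorithmException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(userKeyAlg); // lookup is case-insensitive
        kpg.initialize(keySize);
        KeyPair kp = kpg.generateKeyPair();
        return kp.getPublic().getAlgorithm(); // e.g. "RSA" even when "RsA" was requested
    }

    public static void main(String[] args) throws Exception {
        // Defaults mirror the first keytool invocation in the report.
        String keyAlg = args.length > 0 ? args[0] : "RsA";
        String sigAlg = args.length > 1 ? args[1] : "ShA1wItHRSA";
        int keySize = 2048;

        System.out.printf("Generating %,d bit %s key pair and self-signed certificate (%s)%n",
                keySize, canonical(keyAlg), canonical(sigAlg));
        System.out.println("provider reports key algorithm: "
                + keyAlgorithmFromProvider(keyAlg, keySize));
    }
}
```

Run with `java AlgNames.java rSA mD5withRSA` (or no arguments) to see the normalized line. The provider-based approach needs no table at all for key algorithms, but signature algorithm strings have no key object to ask, which is why keytool-style output still benefits from a name table for the sigalg case.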

            Assignee: Xuelei Fan
            Reporter: Bill Situ