keytool -genkeypair -alias tomcat -keyalg RSA -validity 365 -keystore /usr/tomcat.keystore
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true"
clientAuth="true" scheme="https" secure="true" sslProtocol="TLS"
keystoreFile="/mnt/apache-tomcat-8.5.8/certificate/service/service.keystore" keystorePass="zzcul**22" keyAlias="zzculSMS" keyPass="servicezzcul"
truststoreFile="/mnt/apache-tomcat-8.5.8/certificate/trustCilent/trustkey.keystore" trustorePass="zzcultrust">
</Connector>
keytool -genkey -v -alias mykey -keyalg RSA -storetype PKCS12 -keystore /tmp/client.key.p12
keytool -export -alias mykey -keystore /tmp/client.key.p12 -storetype PKCS12 -storepass password -rfc -file /tmp/client.key.cer
keytool -import -v -file /tmp/client.key.cer -keystore /tmp/tomcat.keystore