--为服务器生成证书
keytool -genkey -v -alias tomcat -keyalg RSA -keystore D:\Programs\apache-tomcat-keystore\tomcat.keystore -validity 36500
12345678
localhost
FacePK
FacePK
ShenZhen
GuangDong
CN
Y
--为客户端生成证书
keytool -genkey -v -alias facepk -keyalg RSA -storetype PKCS12 -keystore D:\Programs\apache-tomcat-keystore\facepk.p12
--让服务器信任客户端证书
keytool -export -alias facepk -keystore D:\Programs\apache-tomcat-keystore\facepk.p12 -storetype PKCS12 -storepass 12345678 -rfc -file D:\Programs\apache-tomcat-keystore\facepk.cer
keytool -import -v -file D:\Programs\apache-tomcat-keystore\facepk.cer -keystore D:\Programs\apache-tomcat-keystore\tomcat.keystore
keytool -list -keystore D:\Programs\apache-tomcat-keystore\tomcat.keystore
--让客户端信任服务器证书
keytool -keystore D:\Programs\apache-tomcat-keystore\tomcat.keystore -export -alias tomcat -file D:\Programs\apache-tomcat-keystore\tomcat.cer
原文地址:点击打开链接