keytool -genkey -v -alias server -keyalg RSA -keystore D:\apache-tomcat\apache-tomcat-6.0.20.8443\server.keystore -dname "CN=192.168.1.105,OU=xxxx.net,O=soa,L=HF,ST=AH,C=CN" -validity 3650 -storepass friendone -keypass password
keytool -export -alias server -keystore D:\apache-tomcat\apache-tomcat-6.0.20.8443\server.keystore -storepass friendone -rfc -file D:\apache-tomcat\apache-tomcat-6.0.20.8443\server.cer
keytool -genkey -v -alias client -keyalg RSA -storetype PKCS12 -keystore D:\apache-tomcat\apache-tomcat-6.0.20.8443\client.p12 -dname "CN=192.168.1.105,OU=xxxx.net,O=soa,L=HF,ST=AH,C=CN" -validity 3650 -storepass password -keypass password
4、导出客户端证书:
keytool -export -alias client -keystore D:\apache-tomcat\apache-tomcat-6.0.20.8443\client.p12 -storetype PKCS12 -storepass password -rfc -file D:\apache-tomcat\apache-tomcat-6.0.20.8443\client.cer
keytool -import -alias client -v -file D:\apache-tomcat\apache-tomcat-6.0.20.8443\client.cer -keystore D:\apache-tomcat\apache-tomcat-6.0.20.8443\server.keystore -storepass password
keytool -import -file D:\apache-tomcat\apache-tomcat-6.0.20.8443\server.cer -storepass password -keystore D:\apache-tomcat\apache-tomcat-6.0.20.8443\client.truststore -alias server -noprompt