keytool -genkey -v -alias tomcat -keyalg RSA -keystore D: omcat.keystore -validity 36500
keytool -genkey -v -alias mykey -keyalg RSA -storetype PKCS12 -keystore D:mykey.p12
keytool -export -alias mykey -keystore D:mykey.p12 -storetype PKCS12 -storepass zengjin -rfc -file D:mykey.cer
keytool -import -v -file D:mykey.cer -keystore D: omcat.keystore
keytool -list -keystore D: omcat.keystore
keytool -keystore D: omcat.keystore -export -alias tomcat -file D: omcat.cer
in tomcat conf server.xml ==>
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
SSLEnabled="true" maxThreads="150" scheme="https"
secure="true" clientAuth="true" sslProtocol="TLS"
keystoreFile="D:\tomcat.keystore" keystorePass="zengjin"
truststoreFile="D:\tomcat.keystore" truststorePass="zengjin" />