1.创建证书:keytool -genkey -alias wsria -keyalg RSA -keystore d:/keys/wsriakey
其中姓氏和组织名称为登录时的域名:如localhost baidu.com sso.wsria.com
2。导出证书:D:\keys>keytool -export -file d:/keys/wsria.crt -alias wsria -keystore d:/keys/wsriakey
3. 为客户端的JVM导入证书,keytool -import -keystore D:\tools\jdk\1.6\jdk1.6.0_20\jre\lib\security\cacerts -file D:/keys/wsria.crt
4. 应用证书到Web服务器-Tomcat:
connector port="8443" protocol="HTTP/1.1" sslenabled="true" maxthreads="150"
scheme="https" secure="true" clientauth="false" sslprotocol="TLS"keystorefile="D:/keys/wsriakey" keystorepass="wsria.com"></connector>访问:https://sso.wsria.com:8443/
参考:http://lixor.iteye.com/blog/1532655
原文:http://www.cnblogs.com/daxiong225/p/6341457.html