The Java keytool application manages a database of keys and certificates.Users can create their own self-authenticated certificates and public/private key pairs.
1.Create A Pair Of Keys
In the open terminal/command window, type:
keytool –genkey –alias %alias% -keystore %keystore%
Replacing %alias% with a name for your pair of keys and %keystore% with a name for your keystore, then press Enter.In this example, %alias% is KeyPair_1, and %keystore% is MyPrivateKey.store.Once you have completed these steps, your keystore will be saved on the computer. It may be saved in your Documents folder, /home folder, or on the root drive.
2.Export A Certificate
In the terminal/command window, type:
keytool –export –alias %alias% -file %file% -keystore %keystore%Replacing %alias% and %keystore% with the values you used previously, and %file% with the name you would like to save your certificate as.In this example, %file% is Certificate1.cert, but you should name yours something different.You will also be asked for the keystore password.It will be saved in the same location as the keystore(usually your Documents or /home folder or the root drive).
3.Import A Certificate
In the terminal/command window, type:
keytool –import –alias %alias% -file %file% -keystore %keystore%Where %alias% and %keystore% are differen t values than you used previously, and %file% is the name of the file you saved your certificate to.You will also be asked to create a password for this new keystore. Usually you want to import your cetificate to jre's keystore,now fllowing steps:
cd /usr/java/jdk/jdk1.6.0_29/jre/lib/security # cd your $java_home/jre/lib/security
then import to jre keystore:
sudo keytool -import -alias test -file /home/guolei/client.cert -keystore cacerts
jre's keystore default password is changeit,type the password,then everything is ok.