cls 

 rem please set the env JAVA_HOME before run this bat file

 SET JAVA_HOME=C:\Programs\Java\jdk1..0_51

 SET PATH=%PATH%;%JAVA_HOME%/bin

 rem delete alias tomcat if it is existed

 keytool -delete -alias tomcatsso -keystore  %JAVA_HOME%/jre/lib/security/cacerts -storepass changeit 

 REM DELETE existing tomcatsso certified book

 keytool -delete -alias tomcatsso -storepass changeit 

 rem list all alias in the cacerts

 REM List ALL certified in certified warehouse

 keytool -list -keystore %JAVA_HOME%/jre/lib/security/cacerts -storepass changeit 

 rem generator a key

 REM use RSA algorithm, generate a certified with name=tomcatsso, password=changeit

 REM certified DN= cn=locahost, please make sure the DN = the host name

 keytool -genkey -keyalg RSA -alias tomcatsso -dname "cn=localhost" -storepass changeit 

 rem export the key

 REM expoert the certified from keystore, generate tomcatsso.crt file

 keytool -export -alias tomcatsso -file %JAVA_HOME%/jre/lib/security/tomcatsso.crt -storepass changeit 

 REM import into trust cacerts, generate tomcatsso.crt file

 REM import the tomcatsso.crt INTO JRE trusted certified warehouse, make sure the jre dir is the same as the jre which used by Tomcat, or Tomcat will not able to find the Certified

 keytool -import -alias tomcatsso -file %JAVA_HOME%/jre/lib/security/tomcatsso.crt -keystore %JAVA_HOME%/jre/lib/security/cacerts -storepass changeit 

 rem list all alias in the cacerts

 keytool -list -keystore %JAVA_HOME%/jre/lib/security/cacerts -storepass changeit