http://en.wikipedia.org/wiki/Ssh-keygen
keytool -genkey -keystore keystore -alias tomcat -keyalg RSA -sigalg SHA1withRSA -validity 3650
Enter keystore password: password
What is your first and last name?
[Unknown]: 10.17.105.100 this must be the same as the server IP
Enter key password for <tomcat>:
(RETURN if same as keystore password): press RETURN to use same password
Note: Please check the system time before you generate certificate. If the system time is not correct (eg, much bigger than current), it may affect your clients since the valid start time is not correct.
Export certificate for client.
keytool -keystore keystore -export -alias tomcat -file server87.cer
