How to create server certificate
To Use keytool to Create a Server Certificate
Run keytool to generate a new key pair in the default development keystore file, keystore.jks. This example uses the alias server-alias to generate a new public/private key pair and wrap the public key into a self-signed certificate inside keystore.jks. The key pair is generated by using an algorithm of type RSA, with a default password of changeit. For more information and other examples of creating and managing keystore files, read the keytool online help at http://download.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html .
From the directory in which you want to create the key pair, run keytool
as shown in the following steps.
Generate the server certificate.
Type the keytool command all on one line:
When you press Enter, keytool prompts you to enter the server name, organizational unit, organization, locality, state, and country code.
You must type the server name in response to keytool ’s first prompt, in which it asks for first and last names. For testing purposes, this can be localhost .
When you run the example applications, the host (server name) specified in the keystore must match the host identified in the javaee.server.name property specified in the file tut-install /examples/bp-project/build.properties .Source: docs.oracle.com