set SERVER_DN="CN=10.129.205.248, OU=cybersoft.com, O=cybersoft, L=CN, S=CN, C=CN" set CLIENT_DN="CN=cybersoft.com.tw, OU=cybersoft.com, O=cybersoft, L=CN, S=CN, C=CN" set PASS_SET="client" set SPASS_SET="server" set CER_ROOT_PATH="E:caskey" :: 路径不存在则创建路径 if not exist %CER_ROOT_PATH% md %CER_ROOT_PATH% ::制作 keystore keytool -genkey -alias cyber_server -keyalg RSA -keystore %CER_ROOT_PATH%/keystore -dname %SERVER_DN% -storepass %SPASS_SET% -keypass %SPASS_SET% -validity 36500 keytool -genkey -alias cyber_client -keyalg RSA -storetype PKCS12 -keystore %CER_ROOT_PATH%/client.key.p12 -dname %SERVER_DN% -keypass %PASS_SET% -storepass %PASS_SET% -validity 36500 keytool -export -alias cyber_server -keystore %CER_ROOT_PATH%/keystore -storepass %SPASS_SET% -rfc -file %CER_ROOT_PATH%/server.cer keytool -export -alias cyber_client -storetype PKCS12 -keystore %CER_ROOT_PATH%/client.key.p12 -storepass %PASS_SET% -rfc -file %CER_ROOT_PATH%/client.cer keytool -import -file %CER_ROOT_PATH%/server.cer -storepass %PASS_SET% -keystore %CER_ROOT_PATH%/truststore.jks -noprompt keytool -import -file %CER_ROOT_PATH%/client.cer -storepass %SPASS_SET% -keystore %CER_ROOT_PATH%/client.truststore -noprompt pause