1) Run the following command (where validity is the number of days before the certificate will expire):
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 361 -keysize 2048
Fill in the prompts for your organization information. When it asks for your first and last name, enter the host/domain name  of the server that users will be entering to connect to your application adc01djc.us.oracle.com, this will be filled in the certificate with an attribute called cname, any mismatch here can result in following type of exceptions when making HTTP client calls.

Example Exception.

Exception in thread “main” javax.net.ssl.SSLException: hostname in certificate didn’t match: <abc01> != <vbauth>

 

This will create a keystore.jks file containing a private key and your  fresh self signed certificate.

2) if you want certificate out of the key store use the following command
keytool -export -alias selfsigned -keystore keystore.jks -rfc -file noejb.cer
3) To see the contents of the certificate
keytool -printcert -file noejb.cer