我终于得到了它所有的工作，服务器和客户端双向SSL认证。

I finally got it all working, server and client two-way ssl authentication.

我使用的指令在这里设置自己的证书颁发机构（CA） http://www.garex.net /阿帕奇/

I used the instructions here to setup my own cert authority (ca) http://www.garex.net/apache/

我跟着命令那里生成自己的CA，服务器和客户端的文件。

I followed the commands there to generate my own ca, server and client files..

大疑难杂症是创造客户端证书部分中，在garex.net链路使用1024大小的客户端密钥。事实证明，这是引发异常产生java.io.IOException：错误版本的密钥存储

The big "GOTCHA" was that in the "create client certificate" section, the garex.net link uses a 1024 size client key. As it turns out, this was throwing the exception java.io.IOException: Wrong version of key store

要解决上述的异常，我只使用512尺寸的按键。这是不包括1024参数OpenSSL的genrsa genkey命令来完成。

To get around the above exception, I had to use only 512 sized keys.. This is done by NOT including the "1024" parameter to the openssl genrsa genkey command..

最后，我想添加一个链接到一个工具，我结束了使用，而不是Portecle。我找到了密钥工具GUI程序在这里有很大的帮助，更容易比portecle之一来使用 - 的 http://www.lazgosoftware.com/kse/index.html

Finally I want to add a link to a tool I ended up using instead of Portecle.. I found the keytool gui program here of great help and easier to use than the portecle one - http://www.lazgosoftware.com/kse/index.html

这问题有点在一个痛苦的对接，所以我会密切关注这一主题。如果您遇到任何障碍随时回复..

This issue was a bit of a pain in the butt so I will keep an eye on this thread.. Feel free to reply if you run into any roadblocks..