Download and Open Keystore Explorer. (https://keystore-explorer.sourceforge.net/)
click on create a new Keystore,
select JKS and click OK,
click on Tools→Generate key pair,
select RSA with key size 2048, then OK,
click Edit name,
fill in each field on the form with the relevant data.
Common Name must be the name of the EASA Server. Click OK twice,
Enter tomcat as Key Pair Entry Alias. Click OK,
Enter 123123 as Key Pair Entry Password. Click OK,
Key Pair and Certificate will be created,
click File→Save,
enter 123123 as Password for Keystore file,
right-click tomcat and select Export Certificate Chain
select our certificate, right-click on it, select All Tasks→Export
The certificate is 'self-signed' which does not involve a trusted third-party
Certificate Authority so click OK to examine the certificate.
click OK to accept the certificate,
confirm Yes
set the Alias to tomcat and click OK twice,
save cacerts file and close Keystore Explorer