{
KeyPairGenerator kg = KeyPairGenerator.getInstance( "RSA" );
kg.initialize(strength, RandomUtils.SECURE_RANDOM );
KeyPair pair = kg.generateKeyPair();
X509V3CertificateGenerator certificateGenerator =
new X509V3CertificateGenerator();
certificateGenerator.setSignatureAlgorithm( "MD5WithRSAEncryption" );
certificateGenerator.setSerialNumber( new BigInteger( ""+SystemTime.getCurrentTime()));
X509Name issuer_dn = new X509Name(true,cert_dn);
certificateGenerator.setIssuerDN(issuer_dn);
X509Name subject_dn = new X509Name(true,cert_dn);
certificateGenerator.setSubjectDN(subject_dn);
Calendar not_after = Calendar.getInstance();
not_after.add(Calendar.YEAR, 1);
certificateGenerator.setNotAfter( not_after.getTime());
certificateGenerator.setNotBefore(Calendar.getInstance().getTime());
certificateGenerator.setPublicKey( pair.getPublic());
X509Certificate certificate = certificateGenerator.generateX509Certificate(pair.getPrivate());
java.security.cert.Certificate[] certChain = {(java.security.cert.Certificate) certificate };
manager.addCertToKeyStore( alias, pair.getPrivate(), certChain );
return( certificate );
}