The Java runtime, or more specifically, the Sun JSSE provider, will present a client certificate if some system properties are set. You can read details in the JSSE Reference Guide,but the important properties are javax.net.ssl.keyStoreand javax.net.ssl.keyStorePassword.

如果设置了某些系统属性，则 Java 运行时，或更具体地说，Sun JSSE 提供程序将提供客户端证书。您可以在JSSE 参考指南中阅读详细信息，但重要的属性是javax.net.ssl.keyStore和javax.net.ssl.keyStorePassword。

There are a few drawbacks to this approach. First, setting the key store password as a system property makes it accessible to any code running in that process—although this can be controlled if a SecurityManageris installed. Second, these settings will be used for any SSL sockets created through the "default" SSLContext. If you need different credentials for different endpoints, you'll need a Mirth-specific solution.

这种方法有一些缺点。首先，将密钥存储密码设置为系统属性使其可被该进程中运行的任何代码访问——尽管这可以在SecurityManager安装了 a 后进行控制。其次，这些设置将用于通过 "default" 创建的任何 SSL 套接字SSLContext。如果您需要针对不同端点的不同凭据，您将需要特定于 Mirth 的解决方案。

No starting point was specified in the question, but if starting from scratch, the easiest approach is to create a new Java Key Store ("JKS" format) and generate a new key pair and a CSR. After sending the CSR to the CA and getting a certificate back, import it into the same key store. That key store is ready to use.

问题中没有指定起点，但如果从头开始，最简单的方法是创建新的 Java 密钥存储（“JKS”格式）并生成新的密钥对和 CSR。将 CSR 发送到 CA 并取回证书后，将其导入同一个密钥库。该密钥库已准备好使用。

If a certificate is already available, it is likely to be in a stored with its corresponding private key in PKCS #12 format (.p12 or .pfx file). These can be used directly by a Java application, but the javax.net.ssl.keyStoreTypeproperty will need to be set to "PKCS12"

如果证书已经可用，则它很可能以 PKCS #12 格式（.p12 或 .pfx 文件）与其相应的私钥一起存储。这些可以由 Java 应用程序直接使用，但javax.net.ssl.keyStoreType需要将属性设置为"PKCS12"

Mirth 1.8 cannot send a client cert when calling a SOAP web service.

Mirth 1.8 在调用 SOAP Web 服务时无法发送客户端证书。

I'm late a bit here for this but actually there is a possibility that it could. By sending a few config parameters to the JVM you could get the underlying SOAP engine to switch to HTTPs and provide the proper certificate.

我在这里有点晚了，但实际上有可能。通过向 JVM 发送一些配置参数，您可以让底层 SOAP 引擎切换到 HTTPs 并提供正确的证书。

refer to this question for details on which parameters to set for configuring the VM

有关为配置 VM 设置哪些参数的详细信息，请参阅此问题

Java HTTPS client certificate authentication

Java HTTPS 客户端证书认证

you will notice there are quite a few things to take care of. Normally HTTPs and client authentication should "just work" once you configured your certificates appropriately. BUT there are some servers out there that are not so friendly to B2B style clients so you have to watch out.

你会注意到有很多事情需要处理。通常，一旦您适当地配置了证书，HTTP 和客户端身份验证就应该“正常工作”。但是有一些服务器对 B2B 风格的客户不太友好，所以你必须小心。

Using JDK 6_21 and a few tweaks with the certificate I was able to get one of them servers to behave but it was long and painful on our side for something that takes about 15 minutes to configure properly on the server.

使用 JDK 6_21 和对证书的一些调整，我能够让其中一个服务器运行起来，但在我们这边，需要大约 15 分钟才能在服务器上正确配置的东西很长很痛苦。

here is another question that address this very issue (client side authentication towards unfriendly servers).

这是解决这个问题的另一个问题（客户端对不友好服务器的身份验证）。

Client SSL authentication causing 403.7 error from IIS

客户端 SSL 身份验证导致 IIS 403.7 错误