If the root certificate of the CA who signed your Web server’s certificate is not in the trust database by default or if you are using a proprietary Web server/application server certificate, you must add that certificate to the trust database. If this is the case, follow the instruction below, otherwise go to Configuring the Connection Factory
Assuming that the certificate is saved in certFile and that trustStoreFile is your key store, run the following command:
JRE_HOME/bin/keytool -import -trustcacerts -alias aliasForCertificate -file certFile -keystore trustStoreFile
Answer YES to the question: Trust this certificate?
You also need to specify the following JSSE properties using the -D option to the command that launches the client application: