SSL
use Keystore Explorer (http://www.keystore-explorer.org/downloads.html)
Create private key, send CSR
install certificate into keystore
install any intermediate and root certificates
make sure the certificate chain is in place. Double click on the certificate, and make sure you see the hierarchy
Make sure you add the root certificate to a truststore (so that you trust it!). The default one is <JRE>/lib/security/cacerts.