I believe that the keystore is it's own "special" java format, and easily accepts DER encoded certificates/keys. However, PKCS#12, which is the only format that windows supports for private key encoded certificates, isn't readable by the standard java keytool utility.

The following worked for me to use a private key PKCS12 certificate:
Import the root certificate into a keystore using the java keytool utility (keytool -import -file xxxx -keystore xxxxx)
Import the intermediate certificate (if you have one) just as you did the root certificate (using the same keystore file).
For PKCS#12 certificates, the easiest thing to do is to download the jwsdwp 2.0 (as of Sept 07) and use the pkcs12import.bat utility to import the PKCS#12 certificate into the same keystore.

Make the keystore file available on the classpath.
Change the SSL settings in the session.properties to include the keystore, keystore password, and SSL setting = on.

For connections that can use a self-signed certificate, it's much easier.
Use the keytool to generate a key using the following command:
keytool -genkey -alias <anything> -keystore <keystorefilename>

Follow the prompts, change your session.properties, and make the keystore available on the classpath & you're all good.