Since your client is an EJB module, so you do not have to set any of the properties i mentioned.
All you need to do is import the CA cert into Truststore (domains/domainx/config/caerts.jks) and the Client Cert into the Keystore of glassfish (domains/domainx/config/keystore.jks).
For Importing the .cer files use JDK6 Keytool
keytool -importcert -keystore <path to cacerts.jks> -storepass <password> -file cacert.cert -alias testca
Now i am not sure what is the use of Just having a .cer file for a TestClient. If you really want to use SSL Mutual Authentication then you need a KeyPair for the client something like a .pfx file and once you have that you can import that into the keystore.jks using the utility (pkcs12import) :
https://xwss.dev.java.net/servlets/ProjectDocumentList?folderID=6645&expandFolder=6645&folderID=6645
And then you will need to set the following JVM option in domain.xml
<jvm-options>-Dcom.sun.enterprise.security.httpsOutboundKeyAlias=testClient</jvm-options>
Assuming testClient is the alias with which you imported the testClient Key-Pair into Keystore.jks.
[Message sent by forum member 'kumarjayanti' (kumarjayanti)]
http://forums.java.net/jive/thread.jspa?messageID=256310