You've generated a CSR. Certificate Signing Request. So, you need somebody to sign it. If you just want a self-signed certificate, use the -selfcert option.
On the server side you need a keystore file containing both the private key and the signed certificate, under the same alias.
On the client side top you need either:
- a truststore containing the self-signed certificate, if you do that, or
- a truststore containing the CA certificate or its root, if you have it CA-signed, and Java already comes with ones of these.