It doesn't say the certificate must contain a private key. Certificates don't contain private keys. Read it again. It says the key entry must contain a private key and a certificate.
So however you constructed this KeyStore, it is invalid. Probably you just imported the signed certificate into a new KeyStore, or with a new alias. You must import it into the original KeyStore where the private key is, with the same alias as the private key.
You must also import the certificate chain, as trusted CA certificates, with another alias.