read this entry about how to go about doing rmi over ssl:

but the problem is that if I specify the keystore password over command line anyone with access to the ps command would be able to see what is the password, is there a secure way of specifying the password of the keystore and truststore?