read this entry about how to go about doing rmi over ssl:
http://blogs.oracle.com/lmalventosa/..._ssl_tls_based

but the problem is that if I specify the keystore password over command line anyone with access to the ps command would be able to see what is the password, is there a secure way of specifying the password of the keystore and truststore?