Which directory should I store the keystore/truststore for the JMX APP?

Also when Splunking the java error I receive this notification that I am currently troubleshooting:

ERROR ExecProcessor - message from "python "D:\Program Files\Splunk\etc\apps\SPLUNK4JMX\bin\jmx.py"" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: KeyUsage does not allow digital signatures

With the same settings on my webserver, jconsole connects without error using the same truststore.

I believe you can use any directory on your filesystem for the keystore/truststore files.

OK I have made some good progress, I am able to monitor the ColdFusion JVM JMX data using jconsole from a remote machine with SSL using these settings on the webserver:

-Dcom.sun.management.jmxremote=true
-Dcom.sun.management.jmxremote.port=3333
-Dcom.sun.management.jmxremote.ssl=true
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.ssl.need.client.auth=false
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.keyStore=JVMJMX.keystore

Then use these flags on the client:

>jconsole.exe -J-Djavax.net.ssl.trustStore=JVMJMX.truststore -J-Djavax.net.ssl.trustStorePassword=password hostname:3333

However, when I use the same flags in your JMX APP, I still have no connectivity (able to get it to work without SSL easily).

additional_jvm_propertys = javax.net.ssl.trustStore=%JAVA_HOME%/JVMJMX.truststore,javax.net.ssl.trustStorePassword=password

The hostname and the port haven't changed in the config.xml and worked when SSL was disabled.

I am still unable to use your JMX APP with SSL enabled, something is missing and my webserver is set up properly since I successfully connect using jconsole. Please advise.