We imported the certs into a trust-store (JKS format) using the keytool command of the JDK and wrote the following code:
("javax.net.ssl.trustStore", trustFilename );
("javax.net.ssl.trustStorePassword", "changeit") ;
("javax.net.ssl.keyStore", trustFilename );
But unfortunately this was not working on WAS6.1. (This works fine on Tomcat).
In earlier versions of WAS, the iKeyman tool provided an interface to manipulate digital certs, keys, Trust stores and Key stores. But in WAS 6.1, all these tasks can be done from the web-based admin console.
So to add the certs to the Trust store, I went to "Security (on the left panel) --> SSL certificate and key management > Key stores and certificates > NodeDefaultTrustStore > Signer certificates"
Add the new root digital certs that need to be trusted to this store. The JAX-WS client should now be able to connect to the HTTPS resource. Remove any system properties that have been set before.
A good article (for WAS 6.0) describing how SSL and Digital certs work in Websphere can be found here.