You are right, serer.alias is the key
1. If you run keytool -list, do you see server.alias listed?
2. You might want you check with your CA
3. The JDK used should not be a problem at this point, but it is highly recommended you use the latest JRockit R28 1.6 to take advantage of the latest security and bug fixes.
Import the intermediate cert first then the root and then the signed server certificate.
The alias of root and intermediate doesnt matter, but make sure that the alias of server cert is same as the alias of the private key entry.
Have a look at the following example :