Here you go.
Using Jetty 9.4.1 demo-base ...
$ cd /path/to/jetty-distribution-9.4.1.v20170120/demo-base
$ keytool -genkeypair -keyalg RSA -keystore jmxkeystore.jks -dname cn=test,ou=localhost,dc=example,dc=com
(I created the keystore with password 'changeme')
$ mkdir modules
$ vim modules/jmx-ssl.mod
--(snip)--
[depend]
jmx
[exec]
-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.registry.ssl=true
-Dcom.sun.management.jmxremote.ssl=true
-Dcom.sun.management.jmxremote.ssl.need.client.auth=false
-Djavax.net.ssl.keyStore=${jetty.base}/jmxkeystore.jks
-Djavax.net.ssl.keyStorePassword=changeme
-Djavax.net.ssl.trustStore=${jetty.base}/jmxkeystore.jks
-Djavax.net.ssl.trustStorePassword=changeme
--(/snip)--
$ vim jconsole-ssl.sh
--(snip)--
#!/bin/bash
jconsole \
-J-Djavax.net.ssl.keyStore=jmxkeystore.jks \
-J-Djavax.net.ssl.keyStorePassword=changeme \
-J-Djavax.net.ssl.trustStore=jmxkeystore.jks \
-J-Djavax.net.ssl.trustStorePassword=changeme \
localhost:1616
--(/snip)--
(run demo-base server)
$ java -jar ../start.jar --module=jmx-ssl
(in other console window ...)
$ ./jconsole-ssl.sh
- Joakim