I have created the certs and implemented it successfully along with Apache and Tomcat. Since the users are web based, I have not configured SSL for the Windows client.
When I try the URL, http://smapdev.domain.local/sm9/ it prompts me to enter a user id and password (since I'm not logged in as a domain user). Once I have entered a domain user id and password (the operator account exists in SM), it opens the SM login page (like the normal webclient), instead of opening up the to do queue.
I know the domain user id and password are correct. If I enter a wrong password, I get a message saying "Authentication Failed".
I suppose you want to set up Single Sign On (SSO), of which the SSL setup is prerequisite n°1. The second prerequisite is having an external authentication source like IIS Integrated Windows Authentication, CA SiteMinder, IBM WebSEAL, etc.
If you want to avoid the login page, please consult the help and search for single/trusted sign-on.
In a nutshell, you need to set isCustomauthentication to false in web.xml, add a bean in application-context.xml, add trustedsignon/1 in sm.ini, disable Tomcat authentication in Tomcat's server.xml, and enable only IWA in IIS. If you have basic and IWA authentication enabled in IIS, you always get the prompt.
Add your URL to the trusted sites in IE and enable pass-through authentication for trusted sites.