@normanmaurer I think there might be a bug where the last parameter 'keyStore' of JdkSslServerContext.newSSLContext isn't passed to the method buildKeyManagerFactory.
I've tried to specify the "AndroidKeyStore" type for an AndroidKeyStoreRSAPrivateKey, but it might be impossible to manipulate the key with the correct KeyStore.

Create a KeyManagerFactory instance from your key store in your own code, and pass that instead of the key store.