Create an SSL channel, same pwd for keystore and trustore?

Question

I'm a new java developer, and I have to create a SSL connection between server and client (and the client must send signed files).

Following tutorials and post from this page (like https://stackoverflow.com/a/18790838/2933117 or http://stilius.net/java/java_ssl.php) I create a keystore: keytool -genkey -keystore mySrvKeystore -keyalg RSA and I have written this code:

    public class Servidor extends Thread {

        static int port=2017;
        static String serverKeyStore="mySrvKeystore.jks", pwdStore="123456";

        public static void main(String[] arstring) {

            SSLServerSocket sslserversocket=null;

            try {

                System.setProperty("javax.net.ssl.keyStore", serverKeyStore);
                System.setProperty("javax.net.ssl.keyStorePassword", pwdStore);


                SSLServerSocketFactory sslserversocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
                sslserversocket = (SSLServerSocket) sslserversocketfactory.createServerSocket(port);

 [...]

--

class Cliente {

    static int port=2017;
    static String serverKeyStore="mySrvKeystore.jks", pwdStore="123456";

    public static void main(String[] arstring) {

        try {

            System.setProperty("javax.net.ssl.trustStore", serverKeyStore);
            System.setProperty("javax.net.ssl.trustStorePassword", pwdStore);

            SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket("localhost", port);

Now my doubts, actually I have to use the same file (mySrvKeystore.jks) for the Keystore and TruStore with the same pwd ("123456"), how can give me this a secure channel? the clients can easily get the keys

and... If a client wants sign a file must use the secret key from trustore?

thanks in advance and sorry for my noob doubts.