To successfully run this demonstration, you need to:
The demonstration involves filling out a special form. When you submit the form, your browser creates and stores a pair of personal RSA keys (one public, one private). The public key is signed and POSTed to a Certificate Authority (CA) servlet, running on your Java Web Server. This servlet uses the form input to create your X.509 personal certificate, which it signs using its own private key and certificate. It returns that new certificate to your web browser as the output of the form.
This new X.509 personal certificate will then be stored by your web browser, associated with the private key. This certificate says that the public key belongs to you. Your browser will usually encrypt the private key before storing it, so that nobody can acquire it and masquerade as you.
Systems like this, with securely administered CA Services, create certificates which you may use with SSL (Secure Sockets Layer) client authentication. This servlet is not production quality, since it provides none of the specialized administrative support required from a CA. For example, there is no way to revoke certificates after they have been issued.