This week's book giveaway is in the OCMJEA forum. We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line! See this thread for details.
I don't have a clue what you are asking. You don't "pass" the keystore password, you specify it on the server.xml Connector element for TLS. The value is not encrypted because the server.xml file is not something that non-authorized users can look at. At least it isn't if you are following even the most basic security practices for a secure shop.
Customer surveys are for companies who didn't pay proper attention to begin with.