Ok, lets validate your keystore and try it in p12 format...
this will expoert the p12 from your jks:
keytool -importkeystore -srckeystore privatekeystore.jks -storepass KeystoreStorePassword -destkeystore private.p12 -deststoretype PKCS12 -deststorepass KeystoreStorePassword
This will extract the key file from your p12:
openssl pkcs12 -in private.p12 -clcerts -nodes -nocerts | openssl rsa > private.key
This will export your public cert from the p12:
openssl pkcs12 -in private.p12 -clcerts -nokeys -out public.cer
and these will generate hashes from the two (which should match):
openssl x509 -noout -modulus -in public.crt | openssl md5
openssl rsa -noout -modulus -in private.key | openssl md5
If all that works then try using the p12 in soapui instead of the jks (the jks should work, but if all of those commainds work as expected then it looks like the certificate file is good).
Also, can you confirm that SSL is not being terminated before the gateway and that you are hitting the gateway on a port that allows client certificate authentication (port 9443 does not by default, but 8443 is set to 'optional').