You configure client authentication by creating a client certificate and exporting the client's signer certificate.
If the SSL handler used by the CICS Transaction Gateway is configured to support just server authentication, you do not have to create a client certificate as described here because the client key ring needs to contain just the signer certificate of the server, which you have just imported. You can use the generated MyClient key ring.jks file with CICS Transaction Gateway's SSL protocol, which is configured to support server authentication.
Client authentication requires the client key ring also to contain a self-signed Certificate that is used to identify the connecting client.
iKeyMan generates a public/private key pair.
The self-signed Client Certificate appears in the Personal Certificates window. The certificate has the name you typed in the Key Label field, in this example exampleClientCert
Store the exported certificate in a safe place. It must be imported into any server repository that needs to communicate with this SSL client.