创建一个密钥文件，
%JAVA_HOME%/bin/keytool -genkey -alias myalias   -keyalg RSA  -validity 3650 -keystore ./mykeystorefilename

修改conf/server.xml，打开Tomcat的HTTPS端口，
    <Connector port="8443"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" debug="0" scheme="https" secure="true"
               keystoreFile="mykeystorefilepath" 
               keystorePass="mykeystorepassword" >
      <Factory clientAuth="false" protocol="TLS" />
    </Connector>
   
在应用中修改web.xml，增加授权区
<security-constraint>
        <web-resource-collection>
                <url-pattern>/*</url-pattern>
                <http-method>GET</http-method>
                <http-method>POST</http-method>
        </web-resource-collection>
        <user-data-constraint>
                <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
</security-constraint>