

Setting-up Tomcat SSL with StartSSL Certificates - jramoyo
http://www.jramoyo.com/2013/08/setting-up-tomcat-ssl-with-startssl.html
In summary, enabling SSL on Tomcat requires three things:
(1) Creating a Java keystore which contains the private key that Tomcat would use to start SSL handshakes
(2) Ensuring that you or your website owns the private key by having it signed by a trusted authority which in turn, issues a digital certificate verifying your ownership of the key
(3) Configuring a Tomcat connector to listen on HTTPS from a specified port
======
moreentropy
He should have skipped all the effort to enable SSL in Tomcat and put the
certificate in his front-end webserver. Cause that's where it belongs.

