Configuring SSL Connector Ports in Apache Tomcat 8.5
As many already know, ThingWorx versions 8.0+ now support both Apache Tomcat versions 8.0.44+ and versions of 8.5.13+. For this reason, many will want to consider using the latest Apache version for their ThingWorx instance, even despite the fact that the installation documentation does not seem to provide examples for the 8.5.x versions. This is because much of the configuration between the two versions remains the same.
One may question these similarities when looking at the updated documentation from Apache on configuring SSL Connector ports. It would seem like some of the more traditional elements are now unusable, since they are marked for deprecation (including keystoreFile, keystorePass, and clientAuth). However, for now, these elements are still usable because Tomcat will convert whatever is provided in the Connector tag to the brand new SSLHostConfig tag (used primarily by Tomcat going forward). Apache has noted that these configuration options will continue to be usable throughout the next few major versions of Tomcat. PTC is already working on documentation which helps utilize the new configuration options in the future, but it won't be available for some time. In the meantime, for step-by-step instructions and further reading, see our Knowledgebase Article using self-signed certs (this article uses a CA).