Using Externally Signed Certificate with Tomcat

If you have a third-party certificate (e.g., one signed by Equifax) that you would like to use, you can include it in the AnthillPro tomcat.keystore. This allows you to use the signed certificate without HTTPD. To use a third-party signed key:

  1. Get the CA public certificate from your vendor. This is the public portion of the key that they used for signing, and it should be a ca.crt file.

  2. Generate a key which will be signed with the "ca.key" file. The output of this step is the "server.key" file, which is the private portion of your SSL key, and the "server.crt" file, which is the signed certificate.

  3. Export the CA public key, the server private key, and signed certificate into a single PKCS12 keystore.

  4. Copy the generated tomcat.keystore from the last step into the '$AH3_SERVER/opt/tomcat/conf' directory, then edit the $AH3_SERVER/opt/tomcat/conf/server.xml file. The XML element <Connector port="8443" ...> needs to contain the attributes keystorePass="password associated with your exported keystore" and keystoreType="PKCS12".

  5. Restart the server. AnthillPro should be using your signed certificate.
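
One way to carry out step 3 with the OpenSSL command line, checking the inputs from steps 1 and 2 before bundling them (an added example, not part of the original AnthillPro documentation). It assumes `openssl` is installed and server.key is not passphrase-protected; the function names `build_keystore` and `make_sample`, the `KEYSTORE_PASS` variable and the `tomcat` friendly name are hypothetical choices, and `make_sample` only creates constructed throwaway files for trying the check offline.

```shell
#!/bin/sh
# Added example: check ca.crt, server.key and server.crt, then bundle them.

# build_keystore CA_CRT SERVER_KEY SERVER_CRT OUT_FILE
# The keystore password is read from the KEYSTORE_PASS variable (hypothetical name).
build_keystore() {
    ca=$1 key=$2 crt=$3 out=$4
    [ -n "${KEYSTORE_PASS:-}" ] || { echo "KEYSTORE_PASS is not set" >&2; return 2; }
    export KEYSTORE_PASS

    # The private key must be the one the signed certificate was issued for.
    k=$(openssl pkey -in "$key" -pubout 2>/dev/null)
    c=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null)
    [ -n "$k" ] && [ "$k" = "$c" ] ||
        { echo "server.key does not match server.crt" >&2; return 3; }

    # The signed certificate must verify against the vendor's CA certificate.
    openssl verify -CAfile "$ca" "$crt" >/dev/null 2>&1 ||
        { echo "server.crt does not verify against ca.crt" >&2; return 4; }

    # Bundle key, certificate and CA certificate; the file holds the private
    # key, so create it readable by the owner only.
    ( umask 077
      openssl pkcs12 -export -inkey "$key" -in "$crt" -certfile "$ca" \
          -name tomcat -passout env:KEYSTORE_PASS -out "$out" ) || return 5

    # Read the keystore back with the same password to confirm it opens.
    openssl pkcs12 -in "$out" -passin env:KEYSTORE_PASS -nokeys >/dev/null 2>&1 ||
        return 6
}

# Constructed throwaway CA and server certificate for trying this offline.
make_sample() {
    dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Sample CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null &&
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=anthill.example.test" \
        -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null &&
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" \
        -CAkey "$dir/ca.key" -CAcreateserial -days 1 \
        -out "$dir/server.crt" 2>/dev/null
}
```

After sourcing the file, run `build_keystore ca.crt server.key server.crt tomcat.keystore` with `KEYSTORE_PASS` set to the value you will put in keystorePass. Because keystorePass sits in server.xml in clear text, keep that file readable only by the account that runs Tomcat.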