The HTTPS connectors are child resources of the subsystem web. By default they use JSSE. Each connector does reference a particular socket binding:
Creating a new connector may require you to declare a new socket binding first:
The newly created, unused socket binding can then be used to create a new connector configuration:
The default for SSL is to use Alias "tomcat" and password "changeit". It is possible to create the corresponding keystore using keytool:
Of course specify a password value of "changeit".