As per the link below (https://github.com/spring-projects/spring-boot/issues/6164), the following features are removed from Tomcat 8.5:
a) Class org.apache.tomcat.util.net.ServerSocketFactory no longer exists
b) Class org.apache.tomcat.util.net.jsse.JSSESocketFactory no longer exists
c) Method JSSEImplementation.getServerSocketFactory(AbstractEndpoint) no longer exists
d) Method JSSEImplementation.getSSLUtil(AbstractEndpoint) no longer exists
These make our upgrade from Tomcat 8.0 to Tomcat 8.5.x difficult.
We have two requirements
How can these be achieved in Tomcat 8.5? Any suggestions appreciated. (We were doing it in Tomcat 8 using a custom SocketFactory implementing Tomcat's interface.)
After the connector refactoring, the JIoEndpoint that allowed specifying an arbitrary ServerSocketFactory is no longer available.
However, the AJP connector is almost ready to accept SSL connections if you allow some changes to Tomcat's codebase: the AbstractAjpProtocol class just lacks an implementation of addSslHostConfig and findSslHostConfigs, or, better, it has implementations that don't store or return anything, with a very explicit comment:
SSL is not supported in AJP
If you change them as in AbstractHttp11Protocol, you'll be able to configure an AJP connector the same way you configure an HTTP/1.1 connector:
    <Connector SSLEnabled="true" port="8009" protocol="AJP/1.3">
        <SSLHostConfig ...>
            <Certificate ... />
        </SSLHostConfig>
    </Connector>
Regarding the certificate storage, you can implement your own KeyStoreSpi and security provider and use:
    <Certificate certificateKeystoreProvider="your_provider"
                 certificateKeystoreType="your_type"
                 ... />