Hi,
Thats actually quite simple.
If you only have tomcat (or jboss) and no http in front of it, the best way to go is to create a cacert with the certificate for your site and them just put the reference to it on "tomcat/conf/server.xml"
the connector goes like this:
<Connector protocol="org.apache.coyote.http11.Http11Protocol" port="443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="DIR_PENTAHO/tomcat/cert/YOUR_CACERT.keystore"
keystorePass="PASS_TO_YOUR_CACERT"
clientAuth="false" sslProtocol="TLS"/>
(You have to create the "cert" dir)
For more info... take a look at this:
Apache Tomcat 7 (7.0.93) - SSL/TLS Configuration HOW-TO
If you have a apache... just add the apache steps to the process and you can keep both with ssl (same cert)...