Hi Vinicius,
I was able to did it (though in a test system) a long ago. This was the way I followed (note: I didn't repeat it now for testing):
- generate a certificate (say "tomcat.cer") and import it into a keystore file (say keystore.jks)
- in \pentaho-server\tomcat\conf\server.xml : uncomment lines 84-88 (in pentaho7.1) to enable port 8443
- in \pentaho-server\tomcat\webapps\pentaho\WEB-INF\web.xml : add the lines before the ending "</web-app>" tag, to activate security:
<!-- Require HTTPS for everything except /img (favicon) and /css. -->
<security-constraint>
<web-resource-collection>
<web-resource-name>HTTPSOnly</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>HTTPSOrHTTP</web-resource-name>
<url-pattern>*.ico</url-pattern>
<url-pattern>/img/*</url-pattern>
<url-pattern>/css/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
As a reference, let me add:
https://help.pentaho.com/Documentation/7.1/0P0/Setting_Up_User_Security/Securing_Pentaho_Server_and_Pentaho_User_Console_(PUC)_with_SSL/000
https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
Hope this may help
Luciano