Information
The SSLEnabled setting determines if SSL is enabled for a specific Connector. It is recommended that SSL be utilized for any Connector that sends or receives sensitive information, such as authentication credentials or personal information.
Rationale:
The SSLEnabled setting ensures SSL is active, which will in-turn ensure the confidentiality and integrity of sensitive information while in transit.
Solution
In server.xml, set the SSLEnabled attribute to true for each Connector that sends or receives sensitive information
<Connector
...
SSLEnabled='true'
...
/>
Default Value:
SSLEnabled is set to false.