Uncomment the SSL Connector entry in $CATALINA_BASE/conf/server.xml as follows:

Without Native Library

Tomcat uses the JSSE SSL Connector by default; the connector entry would be as follows:
$CATALINA_BASE/conf/server.xml

<Connector port="8445" protocol="HTTP/1.1" SSLEnabled="true"
    socketFactory="org.apache.tomcat.net.SSLSocketFactory"
    maxThreads="150" scheme="https" secure="true"
    keyAlias="casalias" keystoreFile="/etc/tomcat6/keystore" keystorePass="changeit"
    clientAuth="false" sslProtocol="TLS" />

Get the certificate from the Certificate Authority, then import it on sso-server as follows:

/usr/lib/jvm/java # keytool -import -keystore /etc/tomcat6/keystore -alias casalias -file /home/user/sso.crt
Enter keystore password: ********
Owner: CN=server, DC=domain, DC=com
Issuer: CN=server, DC=domain, DC=com
Serial number: 69fb9d59dca5d781442ced0844ea3d2f
Valid from: Tue Sep 14 15:10:35 BST 2010 until: Mon Sep 14 15:18:38 BST 2015
Certificate fingerprints:
         MD5:  78:A4:5C:22:0E:11:8D:FB:90:0F:1E:4A:ED:88:3E:11
         SHA1: 8C:C9:4E:05:F0:54:13:B3:C7:10:DD:4E:0B:5C:77:31:48:5A:6D:13
Trust this certificate? [no]:  yes
Certificate was added to keystore

With Native Library

To improve the performance of the Apache Tomcat Server you could use the Apache Tomcat Native library.
To install the library just execute:

aptitude install libtcnative-1

and add the following line to the file $CATALINA_HOME/bin/setenv.sh (create the file if it does not exist):

cat /usr/share/tomcat6/skel/bin/setenv.sh
export LD_LIBRARY_PATH=/usr/lib:$LD_LIBRARY_PATH

To verify that the library is loaded, look for the following message in $CATALINA_HOME/logs/catalina.out:

INFO: Loaded APR based Apache Tomcat Native library 1.1.19.

Without the Apache Tomcat Native library you will find a message like:

INFO: The APR based Apache Tomcat Native library which allows optimal performance in production

When the Apache Tomcat Native library is in use, Tomcat uses the APR SSL Connector, which needs certificate and private key files:

cat $CATALINA_BASE/conf/server.xml
<Connector port="8445" protocol="HTTP/1.1" maxHttpHeaderSize="8192"
    maxThreads="150"
    enableLookups="false" disableUploadTimeout="true"
    acceptCount="100" scheme="https" secure="true"
    SSLEnabled="true"
    SSLCertificateFile="/etc/tomcat6/ssl/server.crt"
    SSLCertificateKeyFile="/etc/tomcat6/ssl/server.key" />
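
Which of the two connector entries applies depends on whether catalina.out shows the native library as loaded. The following Python check is an added example, not part of the original post: it reads server.xml and catalina.out and reports SSL connectors whose attributes do not fit the connector in use. The function names and sample inputs are constructed for illustration, and it assumes only protocol="HTTP/1.1" connectors are examined.

```python
import xml.etree.ElementTree as ET

APR_LOADED = "Loaded APR based Apache Tomcat Native library"  # message quoted above
JSSE_ATTRS = {"keystoreFile", "keystorePass", "keyAlias"}
APR_ATTRS = {"SSLCertificateFile", "SSLCertificateKeyFile"}

# Constructed sample inputs (not taken from a real host).
SAMPLE_XML = """<Server><Service name="Catalina">
  <!-- <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" /> -->
  <Connector port="8445" protocol="HTTP/1.1" SSLEnabled="true" scheme="https"
      secure="true" keyAlias="casalias" keystoreFile="/etc/tomcat6/keystore"
      keystorePass="changeit" clientAuth="false" sslProtocol="TLS" />
</Service></Server>"""
SAMPLE_LOG = "INFO: Loaded APR based Apache Tomcat Native library 1.1.19.\n"


def apr_loaded(catalina_out):
    """True if the log reports that the native library was loaded."""
    return any(APR_LOADED in line for line in catalina_out.splitlines())


def check_connectors(server_xml, catalina_out):
    """List SSL connectors whose attributes do not fit the connector in use."""
    apr = apr_loaded(catalina_out)
    findings = []
    # ElementTree drops comments, so a still-commented Connector is skipped.
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("SSLEnabled", "").lower() != "true":
            continue
        # Assumption: only protocol="HTTP/1.1", as used above, is examined.
        if conn.get("protocol", "HTTP/1.1") != "HTTP/1.1":
            continue
        port, attrs = conn.get("port", "?"), set(conn.attrib)
        wrong = sorted(attrs & (JSSE_ATTRS if apr else APR_ATTRS))
        if apr and "SSLCertificateFile" not in attrs:
            findings.append(f"port {port}: APR loaded but no SSLCertificateFile")
        if wrong:
            kind = "APR" if apr else "JSSE"
            findings.append(f"port {port}: {kind} connector, unused: {', '.join(wrong)}")
        if conn.get("keystorePass") == "changeit":
            findings.append(f"port {port}: keystorePass is the default 'changeit'")
    return findings


if __name__ == "__main__":
    for finding in check_connectors(SAMPLE_XML, SAMPLE_LOG):
        print(finding)
```

Run it against the real server.xml and catalina.out by passing their contents to check_connectors in place of the sample strings.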