Hi

This is a little off-topic for JAAS (you might find more people able to help in the HTTPD/Servlets & JSP forum), but anyway...

HTTP must be bound to a different IP:port combination than HTTPS. So your port 8080 is handling HTTP, not HTTPS. If you setup both listeners on the same port, one would have failed when attempting to bind (check the server log). If you are indeed trying to use the same listener for both, change the HTTPS listener to use 8443 or 443. Using 443 will be required in production, so users can access it with a nice simple URL (https://www.kithany.com) but 8443 avoids any complications with binding to privileged ports (under 1000) whilst developing. There are many production considerations like whether to use something like ipchains to pass requests from public 443 through to private 8443, but that's an issue for another day...

When HTTPS binds successfully (check the log), try accessing your application from https://www.kithany.com:8443, or whatever HTTPS port you chose. When you can attempt to access the root of your web container (don't include the "/kithany/index.jsp" portion) and receive a HTTPS session (ie the padlock in your browser) you know HTTPS is operational, and any further problems accessing your web application are to do with WAR configuration itself.

We use Jetty, so I'm sorry I can't be more specific re Tomcat.

Ben