This are a number of steps.
I'm not going to go through everything here,
you should be able to find the details in the book.
1) Enable the HTTPS listener in jetty or tomcat,
this requires a keystore.
2) Make sure the client has the certificate,
either thirdparty or a keystore on the client.
3) Change the clients to use JNDI over https
4) Deploy the ejbs over https
Point 4 is easier with 3.2 because the config
supports multiple protocols per ejb.
3.0 only allows one per ejb so you would
have to deploy it mutliple times if you also
want plain RMI access.