Hello, I would suggest you review the Tomcat connector documentation:
http://tomcat.apache.org/tomcat-7.0-doc/config/http.html and in particular: http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#Common_Attributes scheme: Set this attribute to the name of the protocol you wish to have returned by calls to request.getScheme(). For example, you would set this attribute to "https" for an SSL Connector. To correctly set up Tomcat behind a reverse proxy load balancer, which is essentially what happens when SSL terminates at the load balancer, the Tomcat needs to know about the scheme, host and port in order to correctly create URLs when an application says, "What's the protocol we support? What's the hostname on which we run?", etc. Assuming the BMC code isn't doing anything horrific like assuming HTTP, I suspect that setting the scheme="https" attribute on the connector will resolve the issue. Also, set proxyName="lbhostname" and proxyPort="443". This is configured in the server.xml file on the HTTP connector, ie. <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" scheme="https" proxyName="loadbalancerfqdn" proxyPort="8443" /> John Baker -- SSO Plugin for the BMC product set http://www.javasystemsolutions.com/jss/ssoplugin _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"