I've looked in the forums and documentation, and I've found some info on how to do this for your other products, but could you please provide instructions on how to setup AppManager to run SSL over port 443, and how to assign a certificate to the server so that our Sys Admins can access the site without having to remote desktop into the server.
Following is what you are trying to achieve. Applications Manager by default uses a self signed certificate which will prompt you with a Certificate error each time you try to connect to Applications Manager web-client.
You can choose whether to have a Certifying Authority sign the certificate or you can use a self-signed certificate. A certificate signed by a Certifying Authority is trusted by browsers, therefore the browser does not issue a warning when a user connects to the browser interface on the Master Server. Generally, Certifying Authorities charge a fee to sign a certificate. A self-signed certificate is available for use immediately after you generate the certificate because you do not have to wait for the Certifying Authority to sign it. However, a self-signed certificate is not trusted by the browser, so the browser issues a warning each time a user connects to the Master Server.
So you need to have a Certifying Authority sign the certificate or your organization may have an internal Certifying Authority to generate certificates.
1.)As you have illustrated in your document you have to create a key database or keystore (key.jks) and make a CSR to Certifying Authority: (Refer details from below link where in the example is using IBM Key Manager utility. Steps will differ for different CA's and you have to follow the steps as provided by your CA)
Note: In your CSR if you use paulp-0558.csez.zohocorpin.com in this case you can only use this key database or keystore only for the installation of Applications Manager on the paulp-0558 server. It is recommended that you create a CSR with *.csez.zohocorpin.com so that you can use the same key database or keystore in all your installations of Applications Manager.(You have enterprise setup and this is recommended) Note: paulp-0558.csez.zohocorpin.com is only an example FQDN.
Now after the request is signed you have to follow "Receiving a CA certificate" steps in above link and receive CA-signed certificates into your same key database or keystore:
Now that you have the key.jks file with the proper signed certificates installed you need to use the same key.jks file in Applications Manager.
To change the keystore in Applications Manager go to the ..\AppManager_home\working\apache\tomcat\ directory. Copy your key.jks file here. (In this case as the name of keystore is different you can simply copy your file to ..\AppManager_home\working\apache\tomcat\ directory.)
* Each key database or keystore file will have its own password for opening it.(You have entered it when you generated the key database or keystore. You should be knowing the same.
* We need to specify the key database or keystore file name and password of keystore file in \AppManager_home\working\apache\tomcat\conf\backup\server.xml file.Open this file in a text editor and search for KEYSTORE_FILE. There will be only 2 occurences in that file as follows: