The identity applications and Identity Reporting use HTML forms for authentication. As a result, the login process might expose user credentials. NetIQ recommends that you enable SSL protocol to protect sensitive information. SSL protocol ensures that communications handled between Identity Manager components are secured.
You should have certificates to configure Tomcat server to communicate using SSL, you can obtain certificates in two ways:
External trusted Certificate Authority (CA) issued certificate
Self-signed certificate