I've not done it recently, but as far as I remember, you need to authorize HTTPS transport (whih is enabled by default I think) and add your keystore in a specific format : a JKS keystore.
This is not really secured since the only supported encryption is an old method.
Use keytool to create your keystore and use a crt + p5 file to encrypt it. I think it's the only one working right now. I'll check tomorrow.
And really important note : your password is clear and loud in the logs, so you need to shut them down in order to be secure. Else it will be written in clear in your logs... It's a known issue.
You can cypher it in the configuration file (because it's not cyphered), by adding the cypher option. You'll need to restart your runtime to see the effect.
