You can configure secure communication in em-jetty-config.xml. In the file there are two sections: one for secure port 8444 that is active and another for unsecure port 8081 that is commented out. Those settings only work if en-jetty-config.xml is enabled in IntroscopeEnterpriseManager.properties.
Both ports https://em:8444 and http://em:8081 you have to uncomment the second section
(i.e. close the comment after “<!-- Configure non-secure http connector for the Jetty Server” with “——>”.
Same for web view.
A secure cookie is only sent to the server with an encrypted request over the HTTPS protocol. Even with Secure, sensitive information should never be stored in cookies, as they are inherently insecure and this flag can't offer real protection. Starting with Chrome 52 and Firefox 52, insecure sites (http:) can't set cookies with the Secure directive.
https://docops.ca.com/ca-apm/10-7/en/administrating/apm-security/ssl-and-tls-communications-overviewhttps://en.wikipedia.org/wiki/Secure_cookie