The following steps show just one way to enable SSL on the webserver using Java's keytool utility (your parameters and utility may differ depending on your requirements). Note that this is for a self-signed keystore.
Requirement 1 - Even with a self-signed keystore, the webserver's certificate needs to have the FQDN or a wildcard name as the CN (the "First and Last Name" field) when generating the keystore.
Requirement 2 - When using an internal CA signed certificate or a self-signed certificate, the certificate needs to be imported into the client Java's cacerts file. External CA certs will likely not require this, as their root certificate and/or certificate chain information will already exist in Java's cacerts.
- From the directory where the keystore will be stored, run the below keytool command to generate the keystore, then follow the on-screen prompts to enter the keystore information:
keytool -genkeypair -alias "<keystore_alias>" -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -storetype PKCS12 -keystore <keystore_name> -storepass <keystore_password>
Your keytool parameters may differ. Refer to the Oracle/Java keytool documentation and/or your OS admin if required.
- Edit the $AW_HOME/site/application.properties file, uncomment (remove the # character from) the below lines, and enter your keystore information in place of the values in angle brackets:
server.ssl.enabled=true
server.ssl.bundle=web-server
spring.ssl.bundle.jks.web-server.key.alias=<keystore_alias>
spring.ssl.bundle.jks.web-server.keystore.location=file:</path/to/your/keystore/keystore_name>
spring.ssl.bundle.jks.web-server.keystore.password=<keystore_password>
spring.ssl.bundle.jks.web-server.keystore.type=PKCS12
- Restart Applications Manager and webserver (stopso/startso all)
- Export the certificate from the new keystore:
keytool -exportcert -alias <keystore_alias> -keystore <keystore_name> -file <certificate_name.cer>
- Move the certificate file to the Java client's local machine. From the "bin" directory of the Java instance used to launch the Java client (where the keytool utility exists), run the below command to import the certificate into Java's cacerts file:
keytool -importcert -trustcacerts -alias <keystore_alias> -keystore "C:\Path\to\Java\home\lib\security\cacerts" -file "C:\Path\to\your\certificate\<certificate_name.cer>" -storepass changeit
- Edit the Java client's connections.properties file and change the URL's value from http to https.
- Confirm that the Java client login and https://AM_WebServer:port/api-docs work, which confirms that SSL has been enabled. Additional information can be found in the documentation for the Integrated Webserver/Configure SSL and REST API pages.
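A check that can be run on the edited application.properties before the restart step, to catch lines left commented out, placeholders left in place, or a keystore type that no longer matches the -storetype PKCS12 keystore generated above. This is an added example, not part of the product or its documentation; the function names, the sample alias and the sample keystore path are assumptions constructed for illustration.

```python
import re
from pathlib import Path

def load_properties(text):
    """Return only the active (uncommented) key=value pairs."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":  # '#' and '!' start a comment line
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def check_ssl_settings(text, check_file=True):
    """Return a list of problems in the SSL settings; an empty list means none found."""
    props, problems = load_properties(text), []
    if props.get("server.ssl.enabled") != "true":
        problems.append("server.ssl.enabled is not active and set to true")
    bundle = props.get("server.ssl.bundle")
    if not bundle:
        return problems + ["server.ssl.bundle is missing or commented out"]
    prefix = f"spring.ssl.bundle.jks.{bundle}."  # keys must use the same bundle name
    for suffix in ("key.alias", "keystore.location", "keystore.password", "keystore.type"):
        value = props.get(prefix + suffix)
        if value is None:
            problems.append(f"{prefix}{suffix} is missing or commented out")
        elif re.search(r"<[^>]+>", value):
            problems.append(f"{prefix}{suffix} still contains a <placeholder>")
    location = props.get(prefix + "keystore.location", "")
    if location and "<" not in location:
        if not location.startswith("file:"):
            problems.append("keystore.location lacks the file: prefix used in the template")
        elif check_file and not Path(location[5:]).is_file():
            problems.append(f"keystore file not found: {location[5:]}")
    if props.get(prefix + "keystore.type", "PKCS12") != "PKCS12":
        problems.append("keystore.type does not match the -storetype PKCS12 keystore")
    return problems

# Constructed sample: alias placeholder left in, password line still commented, wrong type.
SAMPLE = """\
server.ssl.enabled=true
server.ssl.bundle=web-server
spring.ssl.bundle.jks.web-server.key.alias=<keystore_alias>
spring.ssl.bundle.jks.web-server.keystore.location=file:/opt/am-example/site/amweb.p12
#spring.ssl.bundle.jks.web-server.keystore.password=constructed-example-password
spring.ssl.bundle.jks.web-server.keystore.type=JKS
"""
print("\n".join(check_ssl_settings(SAMPLE, check_file=False)))
```

To check a real file, pass its contents, for example check_ssl_settings(Path("application.properties").read_text()); the default check_file=True also confirms that the keystore file exists at the configured location.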