diff --git a/Dockerfile b/Dockerfile index 8b8b5f8..954691f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -36,6 +36,10 @@ RUN chown -R root:root /opt/shibboleth/shibboleth-identity-provider-$version && touch /usr/local/tomcat/logs/voltest && \ touch /opt/shibboleth/shibboleth-identity-provider-$version/logs/voltest +COPY ./conf/ /usr/local/tomcat/conf/ +COPY ./certs/gencert.sh /opt/certs/ +RUN chmod +x /opt/certs/gencert.sh && /opt/certs/gencert.sh + VOLUME ["/usr/local/tomcat/logs", "/opt/shibboleth/shibboleth-identity-provider-$VERSION/logs"] EXPOSE 8080 diff --git a/certs/gencert.sh b/certs/gencert.sh new file mode 100755 index 0000000..abfd8fc --- /dev/null +++ b/certs/gencert.sh @@ -0,0 +1,23 @@ +#!/bin/bash +# +# Generate a self signed certificate +# + + +# Self-signed certificate for development laptops +# ----------------------------------------------- + +cat > data.conf << EOF +IT +IT +IT +IT +IT +IT +yes + + +EOF + +# Everything in one line +$JAVA_HOME/bin/keytool -genkey -keyalg RSA -alias selfsigned -keystore /opt/certs/keystore.jks -storepass password -validity 360 -keysize 2048 < data.conf diff --git a/certs/server.crt b/certs/server.crt new file mode 100644 index 0000000..5a54800 --- /dev/null +++ b/certs/server.crt 
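Review bot: The added `RUN chmod +x /opt/certs/gencert.sh && /opt/certs/gencert.sh` bakes a freshly generated keystore, its private key and the literal store password `password` (from certs/gencert.sh in this same commit) into an image layer, so every container started from the image — including both shibboleth_idp_0 and shibboleth_idp_1 in docker-compose.yml — serves the same TLS key, and anyone who can pull the image can extract it. Generating the keystore at container start into a volume (the compose file already declares `shibboleth_idp_credentials`) or mounting a keystore from outside the image keeps it out of the layers; the password should then come from the environment or a mounted file rather than from the script. The script also writes its `data.conf` answer file into whatever WORKDIR is current at build time and never removes it, so it ends up in the image as well; the WORKDIR in force here is outside this hunk. Unrelated to the new lines but visible in the context, the `VOLUME` instruction reads `$VERSION` while the `RUN chown` above uses `$version`; ARG names are case-sensitive, so worth checking that both resolve.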
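Review bot: certs/gencert.sh hard-codes `-storepass password` on the keytool line, drives keytool's interactive prompts through a temporary `data.conf` that answers `IT` for every subject field (so the certificate's CN is `IT`, not the host the IdP is reached as), and runs without `set -e`, so a keytool failure leaves no keystore yet the `RUN` in the Dockerfile that calls it still succeeds. Passing the subject with `-dname` removes the answer file and the leftover `data.conf` entirely, `set -euo pipefail` makes failures (including an unset `$JAVA_HOME`, which currently degrades to running `/bin/keytool`) abort the step, and the password should be taken from the environment rather than the script; `-genkey` is also the deprecated spelling of `-genkeypair`. The rewrite below keeps the original subject values and validity, with the CN and password parameterised.
```bash
#!/bin/bash
# Generate a self-signed keystore non-interactively: subject fields go in
# -dname instead of an answer file, so no data.conf is written or left behind.
set -euo pipefail

: "${KEYSTORE_PASSWORD:?KEYSTORE_PASSWORD must be set}"   # no literal password in the script
"${JAVA_HOME:?JAVA_HOME must be set}/bin/keytool" -genkeypair \
    -keyalg RSA -keysize 2048 -validity 360 \
    -alias selfsigned -keystore /opt/certs/keystore.jks \
    -storepass "$KEYSTORE_PASSWORD" -keypass "$KEYSTORE_PASSWORD" \
    -dname "CN=${CERT_CN:-IT}, OU=IT, O=IT, L=IT, ST=IT, C=IT"
```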
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDrDCCApQCCQCqx2/xzYm5ejANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMC
+VVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRIwEAYDVQQHEwlDaGFybG90dGUx
+DzANBgNVBAoTBkxldnZlbDEPMA0GA1UECxMGRG9ja2VyMREwDwYDVQQDEwhiaWdm
+bGVldDEmMCQGCSqGSIb3DQEJARYXamltLnZhbi5mbGVldEBsZXZ2ZWwuaW8wHhcN
+MTYwODEyMTY0MTMyWhcNMTcwODEyMTY0MTMyWjCBlzELMAkGA1UEBhMCVVMxFzAV
+BgNVBAgTDk5vcnRoIENhcm9saW5hMRIwEAYDVQQHEwlDaGFybG90dGUxDzANBgNV
+BAoTBkxldnZlbDEPMA0GA1UECxMGRG9ja2VyMREwDwYDVQQDEwhiaWdmbGVldDEm
+MCQGCSqGSIb3DQEJARYXamltLnZhbi5mbGVldEBsZXZ2ZWwuaW8wggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe3SNdeVXz0QEvwI8WSKp3XjF1Z6baCbhK
+tlxwCexvt1CbtUmvBM6ztDmYwqdMwKvQB/UfVdilgUR8Ywo6VQTQ4pv+xYVAaVTo
+AWNR/UD2/F+MriV+kVDLRfeql4os0C96c6yNthe1bQbrT4BZR0eOT7vBi3ozN38G
+acUH2+owv2TnzVp27dGW2WIrWxL8G49w+Jy8K/nVdrEr48F/6349NHXizBdycpVG
+MIdD62qmBb3SdWezKXmczOlHTLtXhKSZO+bQaYA81sGPkDB7NsUkHV1t8kMBt8sC
+MPP4K5BAqIJdigg6nBINIuoa0mdMI37W7phUcLnjg5FsZUn95DMvAgMBAAEwDQYJ
+KoZIhvcNAQELBQADggEBAGhWie1wkXg8V3rG4nGvDLVCFi8V4fPLF5dL5HCULGde
+i9Xz+v412qt1kxgDDwlSZ3oRP1z/tKIywRgLD0NcBJYHqzJN+5gg+ZJMHLEn/bOf
+CS6H91dWD93vlcdBMhyh/rz1PafBWc+TyaNuvihSz4V7kpUdUQ7ovXwv3yeSJelT
+OFzQbjx+roSfFOK7CuIEOee42MAcaqD5LpnGCIujPQgAje3OdyDeofoFA0XehY/Y
+QzooAqSqYhomN6G4RFRAiYwXVkhKbeLBdOOs3rjdymcrFSvwWUJKx7EtpUegucEw
+krFR4hpkGmKABuhVZp/g1zxzeodkwRyJFrQEecFQIN4=
+-----END CERTIFICATE-----
diff --git a/certs/server.csr b/certs/server.csr
new file mode 100644
index 0000000..169be23
--- /dev/null
+++ b/certs/server.csr
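Review bot: certs/server.key, added in this same commit, is an unencrypted RSA private key (a `BEGIN RSA PRIVATE KEY` block with no `Proc-Type: 4,ENCRYPTED` header), and certs/server.pem repeats it together with this certificate; once pushed, the key has to be treated as disclosed to everyone with repository access, and deleting the files in a later commit does not remove them from history. Nothing in this diff references server.crt, server.csr, server.key or server.pem — the Dockerfile copies only certs/gencert.sh — so they appear unused and can simply be dropped, with any certificate that is still needed regenerated outside the repository (as far as the base64 decodes, this one carries a personal development subject and roughly a one-year validity, so it would not be usable as-is anyway). A `.gitignore` entry for `certs/*.key` and `certs/*.pem` would keep key material from being committed again.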
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIC3TCCAcUCAQAwgZcxCzAJBgNVBAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBDYXJv
+bGluYTESMBAGA1UEBxMJQ2hhcmxvdHRlMQ8wDQYDVQQKEwZMZXZ2ZWwxDzANBgNV
+BAsTBkRvY2tlcjERMA8GA1UEAxMIYmlnZmxlZXQxJjAkBgkqhkiG9w0BCQEWF2pp
+bS52YW4uZmxlZXRAbGV2dmVsLmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEA3t0jXXlV89EBL8CPFkiqd14xdWem2gm4SrZccAnsb7dQm7VJrwTOs7Q5
+mMKnTMCr0Af1H1XYpYFEfGMKOlUE0OKb/sWFQGlU6AFjUf1A9vxfjK4lfpFQy0X3
+qpeKLNAvenOsjbYXtW0G60+AWUdHjk+7wYt6Mzd/BmnFB9vqML9k581adu3Rltli
+K1sS/BuPcPicvCv51XaxK+PBf+t+PTR14swXcnKVRjCHQ+tqpgW90nVnsyl5nMzp
+R0y7V4SkmTvm0GmAPNbBj5AwezbFJB1dbfJDAbfLAjDz+CuQQKiCXYoIOpwSDSLq
+GtJnTCN+1u6YVHC544ORbGVJ/eQzLwIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEB
+AJ6hDOof0VueZkGT9wIz/5pKJgoTe9kTNnnHfnXitROwxEEF5gyFPICXkALbJkC7
+HqNl+wd/cG010CoeAI5rcoYDvfY5WAmIOXQF2Zo4EV6XgfBwnk/Jz1T6TvryB14o
+Pp/jwJzurEi90bCHmxELIJwHQPGxbLdF5ScNTg26xXkt6FI4w9utTzh85Pgmxir6
+7niVc3MvR9eyWVXF3NiakQw9oM8FsfRY2i3c87ugcuH0LDrVUFkz4GqS8vC6N1Ao
+L/KAmBvfz25bq+GaXSKb2OQyvNHcM8lquP0vQKsvrs1ecUY4YILBy1yCEGUSxDGM
+kH3F2FuaT22hbNM1JxrLo2Q=
+-----END CERTIFICATE REQUEST-----
diff --git a/certs/server.key b/certs/server.key
new file mode 100644
index 0000000..e1de9a0
--- /dev/null
+++ b/certs/server.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA3t0jXXlV89EBL8CPFkiqd14xdWem2gm4SrZccAnsb7dQm7VJ
+rwTOs7Q5mMKnTMCr0Af1H1XYpYFEfGMKOlUE0OKb/sWFQGlU6AFjUf1A9vxfjK4l
+fpFQy0X3qpeKLNAvenOsjbYXtW0G60+AWUdHjk+7wYt6Mzd/BmnFB9vqML9k581a
+du3RltliK1sS/BuPcPicvCv51XaxK+PBf+t+PTR14swXcnKVRjCHQ+tqpgW90nVn
+syl5nMzpR0y7V4SkmTvm0GmAPNbBj5AwezbFJB1dbfJDAbfLAjDz+CuQQKiCXYoI
+OpwSDSLqGtJnTCN+1u6YVHC544ORbGVJ/eQzLwIDAQABAoIBAEDDmLRgP1ckRKkA
+11QNd+RKbisFHRq9ul2T0xcH+zqX1gf5zdjbl8nnNNmsr3uBfixtM5GQm+20vBc9
+nMpIzKZ7RAPsmIWYVoE5bgh0hT2BJ681KFY4mncH9SoQ8amGMlXuaZWg9hDWBy24
+o77OFQBJMXHUO4XIudQ+RnC7OrpBSZDIRq9pF4CIAOZ5muWTeK8IHF7CYfMlcz9z
+F2y+MbUHYwVstQZlnhHA8zB2jAdy58PhCf44niGSI/ny9ww/ntSpqM/qM6pqv0H6
+GMV/ZA4UhJ7rbDzfUrTVfuJJDZr0X00RjKQBwLYqGA+vegwgyQU0RX0uL+vKHNYz
+z5Uba1ECgYEA9BK4Y/ofxZTiXVEc1JM3NsCTPJgySzsgcmvtLh9Md4tXHd9kliW2
+4I2e/Alt6dwXwEOxUV1drc6B+A4Y09KMaAWQRxAsVY5khotChPAIhYXXDir9srEW
+nR1Y5pBdMw89PQgIDKBHK9gp+Fo3InxsHN+QdfJmyXDzOvFBRLOgkdkCgYEA6cEY
+konEDB7Kd4S7lYKuk1euvFp1XUk5MSXmz2JR6uvB5RaJJNvXBuZB0i60jeUHgA3V
+mouwjuX1zsVSRQEtQ37eiQ2p7ivd1j86SlMBRzFxFempGV00IZevXiBxtfnx38Lw
+mYYOWMXdX0CsV/HHvUpTrkC1F8rIP1tXj0IhwEcCgYEAq1q1P+OsCLBlWDSJNCkC
++5qqBEGqFa02M37YLqhkrA0UpXFgEhX6VZ63/qS0GRqfRimAROpyyYKRNtDW12gb
+kTBOwcV2Cr8Ejn0Yv3Ix2WREvrqqEJlJkha3gm/aLu3FBaMs24hvTzXdCXJ1AO4v
+jPncVyJOzaBR85DLTOt7kMkCgYAHoRjHN53hc2PSUM+6ioBeKL94QE+SUuB9/Smy
+XRglXbp/WqPxQweanwtI6+NSukXrZQgyuhpyH4lNTV1pCSfMCykCOiLwthfQdVHW
+uSzSgQea2nx9anBYJFZB8Tck5FqDnh4yNJDlTtfx0u+NE0Qcpn9isZP3idPNVZLf
+Bx6I4wKBgQDagUD7YJ3oX/4mbBmWJ/z7fAWcUqdRC2kwVfOn2qdeRgVNXQD97u0f
+ZUw7fH6MSKHkuQsM0UWxex2dxxfJaFH5aF5EqXzlT/9by4Ela9p6GtecyuNPDnm+
+jReIeDTO73BnM0LJNPPyd/CSHvaVEgvVmjjNTkuBYpyk8HVXf/Cd/A==
+-----END RSA PRIVATE KEY-----
diff --git a/certs/server.pem b/certs/server.pem
new file mode 100644
index 0000000..9e047bc
--- /dev/null
+++ b/certs/server.pem
@@ -0,0 +1,49 @@ +-----BEGIN CERTIFICATE----- +MIIDrDCCApQCCQCqx2/xzYm5ejANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMC +VVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRIwEAYDVQQHEwlDaGFybG90dGUx +DzANBgNVBAoTBkxldnZlbDEPMA0GA1UECxMGRG9ja2VyMREwDwYDVQQDEwhiaWdm +bGVldDEmMCQGCSqGSIb3DQEJARYXamltLnZhbi5mbGVldEBsZXZ2ZWwuaW8wHhcN +MTYwODEyMTY0MTMyWhcNMTcwODEyMTY0MTMyWjCBlzELMAkGA1UEBhMCVVMxFzAV +BgNVBAgTDk5vcnRoIENhcm9saW5hMRIwEAYDVQQHEwlDaGFybG90dGUxDzANBgNV +BAoTBkxldnZlbDEPMA0GA1UECxMGRG9ja2VyMREwDwYDVQQDEwhiaWdmbGVldDEm +MCQGCSqGSIb3DQEJARYXamltLnZhbi5mbGVldEBsZXZ2ZWwuaW8wggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe3SNdeVXz0QEvwI8WSKp3XjF1Z6baCbhK +tlxwCexvt1CbtUmvBM6ztDmYwqdMwKvQB/UfVdilgUR8Ywo6VQTQ4pv+xYVAaVTo +AWNR/UD2/F+MriV+kVDLRfeql4os0C96c6yNthe1bQbrT4BZR0eOT7vBi3ozN38G +acUH2+owv2TnzVp27dGW2WIrWxL8G49w+Jy8K/nVdrEr48F/6349NHXizBdycpVG +MIdD62qmBb3SdWezKXmczOlHTLtXhKSZO+bQaYA81sGPkDB7NsUkHV1t8kMBt8sC +MPP4K5BAqIJdigg6nBINIuoa0mdMI37W7phUcLnjg5FsZUn95DMvAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAGhWie1wkXg8V3rG4nGvDLVCFi8V4fPLF5dL5HCULGde +i9Xz+v412qt1kxgDDwlSZ3oRP1z/tKIywRgLD0NcBJYHqzJN+5gg+ZJMHLEn/bOf +CS6H91dWD93vlcdBMhyh/rz1PafBWc+TyaNuvihSz4V7kpUdUQ7ovXwv3yeSJelT +OFzQbjx+roSfFOK7CuIEOee42MAcaqD5LpnGCIujPQgAje3OdyDeofoFA0XehY/Y +QzooAqSqYhomN6G4RFRAiYwXVkhKbeLBdOOs3rjdymcrFSvwWUJKx7EtpUegucEw +krFR4hpkGmKABuhVZp/g1zxzeodkwRyJFrQEecFQIN4= +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA3t0jXXlV89EBL8CPFkiqd14xdWem2gm4SrZccAnsb7dQm7VJ +rwTOs7Q5mMKnTMCr0Af1H1XYpYFEfGMKOlUE0OKb/sWFQGlU6AFjUf1A9vxfjK4l +fpFQy0X3qpeKLNAvenOsjbYXtW0G60+AWUdHjk+7wYt6Mzd/BmnFB9vqML9k581a +du3RltliK1sS/BuPcPicvCv51XaxK+PBf+t+PTR14swXcnKVRjCHQ+tqpgW90nVn +syl5nMzpR0y7V4SkmTvm0GmAPNbBj5AwezbFJB1dbfJDAbfLAjDz+CuQQKiCXYoI +OpwSDSLqGtJnTCN+1u6YVHC544ORbGVJ/eQzLwIDAQABAoIBAEDDmLRgP1ckRKkA +11QNd+RKbisFHRq9ul2T0xcH+zqX1gf5zdjbl8nnNNmsr3uBfixtM5GQm+20vBc9 +nMpIzKZ7RAPsmIWYVoE5bgh0hT2BJ681KFY4mncH9SoQ8amGMlXuaZWg9hDWBy24 +o77OFQBJMXHUO4XIudQ+RnC7OrpBSZDIRq9pF4CIAOZ5muWTeK8IHF7CYfMlcz9z 
+F2y+MbUHYwVstQZlnhHA8zB2jAdy58PhCf44niGSI/ny9ww/ntSpqM/qM6pqv0H6 +GMV/ZA4UhJ7rbDzfUrTVfuJJDZr0X00RjKQBwLYqGA+vegwgyQU0RX0uL+vKHNYz +z5Uba1ECgYEA9BK4Y/ofxZTiXVEc1JM3NsCTPJgySzsgcmvtLh9Md4tXHd9kliW2 +4I2e/Alt6dwXwEOxUV1drc6B+A4Y09KMaAWQRxAsVY5khotChPAIhYXXDir9srEW +nR1Y5pBdMw89PQgIDKBHK9gp+Fo3InxsHN+QdfJmyXDzOvFBRLOgkdkCgYEA6cEY +konEDB7Kd4S7lYKuk1euvFp1XUk5MSXmz2JR6uvB5RaJJNvXBuZB0i60jeUHgA3V +mouwjuX1zsVSRQEtQ37eiQ2p7ivd1j86SlMBRzFxFempGV00IZevXiBxtfnx38Lw +mYYOWMXdX0CsV/HHvUpTrkC1F8rIP1tXj0IhwEcCgYEAq1q1P+OsCLBlWDSJNCkC ++5qqBEGqFa02M37YLqhkrA0UpXFgEhX6VZ63/qS0GRqfRimAROpyyYKRNtDW12gb +kTBOwcV2Cr8Ejn0Yv3Ix2WREvrqqEJlJkha3gm/aLu3FBaMs24hvTzXdCXJ1AO4v +jPncVyJOzaBR85DLTOt7kMkCgYAHoRjHN53hc2PSUM+6ioBeKL94QE+SUuB9/Smy +XRglXbp/WqPxQweanwtI6+NSukXrZQgyuhpyH4lNTV1pCSfMCykCOiLwthfQdVHW +uSzSgQea2nx9anBYJFZB8Tck5FqDnh4yNJDlTtfx0u+NE0Qcpn9isZP3idPNVZLf +Bx6I4wKBgQDagUD7YJ3oX/4mbBmWJ/z7fAWcUqdRC2kwVfOn2qdeRgVNXQD97u0f +ZUw7fH6MSKHkuQsM0UWxex2dxxfJaFH5aF5EqXzlT/9by4Ela9p6GtecyuNPDnm+ +jReIeDTO73BnM0LJNPPyd/CSHvaVEgvVmjjNTkuBYpyk8HVXf/Cd/A== +-----END RSA PRIVATE KEY----- diff --git a/common.bash b/common.bash index cd630af..498e7c4 100644 --- a/common.bash +++ b/common.bash @@ -1,3 +1,3 @@ -maintainer="bigfleet" -imagename="shibboleth_idp_runtime" +maintainer="my" +imagename="shibboleth_idp" version="3.2.1" \ No newline at end of file diff --git a/conf/server.xml b/conf/server.xml new file mode 100644 index 0000000..120a612 --- /dev/null +++ b/conf/server.xml @@ -0,0 +1,26 @@ + + + + + + + + + + + + + + + + + + diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..bdcdb65 --- /dev/null +++ b/docker-compose.yml 
@@ -0,0 +1,56 @@
+version: '2'
+
+services:
+ shibboleth_idp_0:
+ image: my/shibboleth_idp
+ container_name: shibboleth_idp_0
+ hostname: shibboleth_idp_0
+ networks:
+ - i2network
+ cap_add:
+ - ALL
+ - NET_ADMIN
+ - SYS_ADMIN
+ volumes:
+ - shibboleth_idp_credentials:/tmp/credentials
+ - ./logs/tomcat:/usr/local/tomcat/logs:rw
+ - ./logs/shibboleth_idp:/opt/shibboleth/shibboleth-identity-provider-3.2.1/logs:rw
+ ports:
+ - "8080:8443"
+ shibboleth_idp_1:
+ image: my/shibboleth_idp
+ container_name: shibboleth_idp_1
+ hostname: shibboleth_idp_1
+ networks:
+ - i2network
+ cap_add:
+ - ALL
+ - NET_ADMIN
+ - SYS_ADMIN
+ volumes:
+ - shibboleth_idp_credentials:/tmp/credentials
+ - ./logs/tomcat:/usr/local/tomcat/logs:rw
+ - ./logs/shibboleth_idp:/opt/shibboleth/shibboleth-identity-provider-3.2.1/logs:rw
+ ports:
+ - "8081:8443"
+ haproxy:
+ image: my/haproxy
+ container_name: haproxy
+ hostname: haproxy
+ networks:
+ - i2network
+ depends_on:
+ - shibboleth_idp_1
+ - shibboleth_idp_0
+ ports:
+ - "80:80"
+ - "5533:5533"
+ - "443:443"
+
+networks:
+ i2network:
+ driver: bridge
+
+volumes:
+ shibboleth_idp_credentials:
+ driver: local
\ No newline at end of file
diff --git a/haproxy/Dockerfile b/haproxy/Dockerfile
new file mode 100644
index 0000000..ab58561
--- /dev/null
+++ b/haproxy/Dockerfile
@@ -0,0 +1,13 @@
+FROM haproxy
+
+ARG maintainer=my
+ARG imagename=haproxy
+ARG version=1.0
+
+MAINTAINER $maintainer
+LABEL Vendor="Internet2"
+LABEL ImageType="haproxy"
+LABEL ImageName=$imagename
+LABEL ImageOS=centos7
+LABEL Version=$version
+copy conf/haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
diff --git a/haproxy/conf/haproxy.cfg b/haproxy/conf/haproxy.cfg
new file mode 100644
index 0000000..bcb15b5
--- /dev/null
+++ b/haproxy/conf/haproxy.cfg
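Review bot: `cap_add: - ALL` on both shibboleth_idp services grants the IdP container every Linux capability (the `NET_ADMIN` and `SYS_ADMIN` entries under it are then redundant), which is far more than a Tomcat/Java process needs and discards the default bounding set that limits what a compromised web app can do on the host; nothing in this diff shows a capability the IdP actually requires, so the `cap_add` block should be removed, or reduced to the single capability that turns out to be needed. Port `5533` on the haproxy service publishes the HAProxy stats page, which haproxy/conf/haproxy.cfg serves without `stats auth`, on every host interface; bind it to loopback (`- "127.0.0.1:5533:5533"`) or drop the mapping. Both IdP instances also run the same image, in which the Dockerfile bakes a single keystore, so they share one TLS key; mounting the keystore through a volume such as the `shibboleth_idp_credentials` one declared here would let it be managed outside the image.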
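Review bot: `FROM haproxy` carries no tag, so each build silently picks up whatever `latest` resolves to at the time and the proxy in front of the IdP can change under you between builds; pin it, e.g. `FROM haproxy:<pinned-version>`. `MAINTAINER $maintainer` is the deprecated instruction — `LABEL maintainer=$maintainer` is the replacement — and the final `copy conf/haproxy.cfg …` should be written `COPY` like the other instructions. `LABEL ImageOS=centos7` looks copied from another image's Dockerfile: as far as I know the official haproxy image is not CentOS-based, so the label would be misleading. The three `ARG`s duplicate values that common.bash also defines for the IdP image; if they are meant to stay in sync, `--build-arg` from that script is the one place to set them.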
@@ -0,0 +1,33 @@
+#Example with SSL PASSTHROUGH
+global
+ log 127.0.0.1 local0
+ log 127.0.0.1 local1 notice
+
+defaults
+ log global
+ option httplog
+ option dontlognull
+ timeout connect 5000
+ timeout client 10000
+ timeout server 10000
+
+listen stats
+ bind *:5533
+ stats enable
+ stats uri /
+
+
+frontend localhost
+ bind *:80
+ bind *:443
+ option tcplog
+ mode tcp
+ default_backend shibboleth_idp
+
+backend shibboleth_idp
+ #Define the correct status check
+ mode tcp
+ balance roundrobin
+ option ssl-hello-chk
+ server shibboleth_idp_0 shibboleth_idp_0:8443 check
+ server shibboleth_idp_1 shibboleth_idp_1:8443 check
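Review bot: The `listen stats` section binds `*:5533` with `stats enable` and `stats uri /` but no `stats auth`, so backend names, health state and connection counts are readable by anyone who can reach the port — and docker-compose.yml publishes that port on the host; add `stats auth <user>:<password-placeholder>` (or an ACL restricting the source addresses) and bind it to a non-public interface. `frontend localhost` binds both `*:80` and `*:443` into the same `mode tcp` passthrough to `shibboleth_idp` on 8443, so plaintext HTTP arriving on port 80 is forwarded byte-for-byte to a TLS listener and fails the handshake instead of being redirected; either drop `bind *:80` or give port 80 its own `mode http` frontend with `http-request redirect scheme https`. `option httplog` in `defaults` is not usable in `mode tcp` sections and HAProxy will warn and fall back; `option tcplog` in the frontend already covers the TCP proxies.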