diff --git a/Dockerfile b/Dockerfile index f26a5cd..ad23871 100644 --- a/Dockerfile +++ b/Dockerfile @@ -147,7 +147,9 @@ ADD container_files/tomcat/log4j2.xml /usr/local/tomcat/conf/ ADD container_files/tomcat/setenv.sh /usr/local/tomcat/bin/ RUN mkdir -p /usr/local/tomcat/webapps/ROOT ADD container_files/tomcat/robots.txt /usr/local/tomcat/webapps/ROOT -ADD container_files/tomcat/keystore.jks /opt/certs/ +#ADD container_files/tomcat/keystore.jks /opt/certs/ +ADD container_files/tomcat/idp-default.key /opt/certs/ +ADD container_files/tomcat/idp-default.crt /opt/certs/ # install needed IdP plugins #ARG truststore="/opt/shibboleth-idp/credentials/PGP_KEYS" @@ -160,7 +162,6 @@ ARG plugin_args="--noPrompt --noRebuild --noCheck --truststore ${truststore}" RUN /bin/curl -Lo ${truststore} https://shibboleth.net/downloads/prerelease/identity-provider-5.0.0-beta1/beta1-plugin-truststore.gpg && \ /opt/shibboleth-idp/bin/plugin.sh ${plugin_args} -i https://shibboleth.net/downloads/prerelease/identity-provider-5.0.0-beta1/shibboleth-idp-plugin-nashorn-jdk-2.0.0-beta1.tar.gz - # Copy TIER helper scripts ADD container_files/idp/rotateSealerKey.sh /opt/shibboleth-idp/bin/rotateSealerKey.sh RUN chmod +x /opt/shibboleth-idp/bin/rotateSealerKey.sh diff --git a/container_files/tomcat/idp-default.crt b/container_files/tomcat/idp-default.crt new file mode 100644 index 0000000..c086e61 --- /dev/null +++ b/container_files/tomcat/idp-default.crt 
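Review bot: The two added `ADD` lines in the first Dockerfile hunk copy a TLS private key, `idp-default.key`, into an image layer, so every container started from this image presents the same key, and anyone able to pull the image or read the repository holds it. No `chmod` or `chown` for `/opt/certs/idp-default.key` is visible in the hunk, so the file presumably keeps the mode it has in the build context. I would supply the pair at run time through a mounted volume or secret, or at the least add `RUN chmod 600 /opt/certs/idp-default.key` (owned by the account Tomcat runs as) with the comment `# placeholder self-signed pair; mount a real certificate and key over /opt/certs in any deployment`. The commented-out `#ADD container_files/tomcat/keystore.jks /opt/certs/` is dead code and is better deleted than kept. The same pair is added again under test-compose/idp/container_files/credentials/tomcat/.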
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDczCCAlugAwIBAgIEc3Xh/jANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJV
+UzELMAkGA1UECBMCVVMxETAPBgNVBAcTCEFueXdoZXJlMRQwEgYDVQQKEwtFeGFt
+cGxlIE9yZzELMAkGA1UECxMCSVQxGDAWBgNVBAMTD2lkcC5leGFtcGxlLm9yZzAe
+Fw0xODA2MTMxODE2NTZaFw0yODA2MTAxODE2NTZaMGoxCzAJBgNVBAYTAlVTMQsw
+CQYDVQQIEwJVUzERMA8GA1UEBxMIQW55d2hlcmUxFDASBgNVBAoTC0V4YW1wbGUg
+T3JnMQswCQYDVQQLEwJJVDEYMBYGA1UEAxMPaWRwLmV4YW1wbGUub3JnMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn29yHNKZZVM2dyA/MP8ItBnJiIHK
+Bj4HJA+x/+7d9Uw0VKNYWLBGd6eo48wZNUx/fSkamgsJnJJEcQ9ZB6Kh7Sr5Cv+j
+Kn+ttQ/xRBW/TOUInCi/+TE5tpHdqsc5jhvpDvJzyd4AjhWD98BRjnqO7Vdllh0h
+XY0eWwnURTC5RTjnTy8x0k8NGl+4/gICWcab10uOS6WziT/BiwWZiAFK+30aOzqv
+Qo9MLdP2iRNqhnXh21KCAEw/dm0iMOYa3c460cI5Wpz16BN0hBKJa2eLIsUz1Ei8
+e6d2bfgRsXSVuiwMG7/6kLcbqJSHMnLT2V17IzxpMMg4g2TV69MHAI0WfwIDAQAB
+oyEwHzAdBgNVHQ4EFgQUnUHUCeihIylq0vGUhtaZ3radUncwDQYJKoZIhvcNAQEL
+BQADggEBAJ47J4Q6Mgqt3TMyiwH0YTcL7KpFOTIX/BdaeG5c/QAuO+ASxxPeUSHd
+gy1GymRxrQp/9XXCjGRIVwSsgrZ0IZHhogIZCOTA+j+kri0TtZrhkKy6TCFimd1J
+JMmLmrT5uaEPAnL42jvet0rToPqx3gt9AdGbmWf+OyXT8pLMPRKvf6xTQSh1XJZH
+CXbNcMzEp7wq3Z3vDQZ498CM7mEb7y+2cF0iCKydHSL0VvqmjDicj2+4J6qKHBFW
+4cWkzmVmQTT8MEHYyq/Fif8ElE7PiRow3vhO7WEy7pfhcmrz3DPqRVDLk2AgmYBn
+rPigRnfDmz0Cc/zvxbd3UxfRATCNYcU=
+-----END CERTIFICATE-----
+
diff --git a/container_files/tomcat/idp-default.key b/container_files/tomcat/idp-default.key
new file mode 100644
index 0000000..cea75aa
--- /dev/null
+++ b/container_files/tomcat/idp-default.key
@@ -0,0 +1,29 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCfb3Ic0pllUzZ3
+ID8w/wi0GcmIgcoGPgckD7H/7t31TDRUo1hYsEZ3p6jjzBk1TH99KRqaCwmckkRx
+D1kHoqHtKvkK/6Mqf621D/FEFb9M5QicKL/5MTm2kd2qxzmOG+kO8nPJ3gCOFYP3
+wFGOeo7tV2WWHSFdjR5bCdRFMLlFOOdPLzHSTw0aX7j+AgJZxpvXS45LpbOJP8GL
+BZmIAUr7fRo7Oq9Cj0wt0/aJE2qGdeHbUoIATD92bSIw5hrdzjrRwjlanPXoE3SE
+EolrZ4sixTPUSLx7p3Zt+BGxdJW6LAwbv/qQtxuolIcyctPZXXsjPGkwyDiDZNXr
+0wcAjRZ/AgMBAAECggEAI43/3audZ7o54DEBxpRpRXimt9lxyxiUEReq8086klRv
+KxzOO+D7pf1urXY7fOZVW/0JoKarew4nUytACHLdN32o0ioWIgkdHM60WCGdarF8
+zQ5NWW3/19YJn+cTz7wrqhipd7AZYZYsuthZl7N/IjCmR+axJSKuTVEQ1Gk8N9JR
+rY8CujwI8RRtVd1NQwFc+mEgjesCvqctoBBRUI5oP5uhwkbF9TLbs0nLZ9Q6EXpi
+LTViJA/q+/Qjl2Fi9V9291lMJfXEN5saNiFpYXGQtajEnzO30W7lTMi7IXHrSJpY
+BiLiPpGL6Rsk/aV/Cmk9kg7hTKGfW0c4m4U92LRsAQKBgQDMtWUA38K2izrkBKZU
+DjoV3QY0smA7V6RZtMuK9p4ntk23fE7SdcdJn6ILCUVl1V/TnFYRYIGbU4z/mBdb
+YHwfqtcp69GzQNXc4aJFghB0HGKmbomMZKddDVKZ6YyTZLiLDoMKLyyauuL0unGe
+b89CfqVK3KpqKQBkO0TMXibcfwKBgQDHYhf1VdobcJbNisRSGgl8DOgGSmc/KrCC
+AHobcc9xtS+kXP8Fa6ymwA4aw8G5RZ21IWiqrsjRk1zb23CXm/d9EjWZygUmAfgb
+ymHXJ9bQ1Vk/DDua/SbDHZf24C7VApac+1IOkjRwGflIL555ms5rLA2XlaniPFwA
+1kVNbiTGAQKBgQCfhryvcbDLkLTT/MuhtXSOlS/A4UEc/a+WOM5l/MpDKE5oLvc+
+C4rCVSRydUcflKiYv7xSzmIyKWo3xM5u50HTa89BXASPLHd9KljK0hEAax51lK6c
+OdQzL66vQtHKCzPFKgn0Zc7cxccX8DOaxIc/ynIFZPFoyYsEkSuMF9MxAQKBgAOW
+PS4ZtEnIFb5u36dGdqM3rDjov8DAKNq93XR+8KdwBgJj9eaIEFwTmm1a1jJaEUM/
+7Z0cddpnV0VRRk5D7Qjf+fzhSIRthqQhWO9A9TlejTN4Kd5Y7YiXELPNRqpoWINM
+diZy9OSLYxOsX6J6aXo+GaR/ecXrJhCRyj9hWuIBAoGAaOGaWVRmKISH8lf57SEV
+fZCuPA1cplMpToHYK/uXdLBZuMkeG89jSLBN8fXx86KfRuUXrBDXgGs5zHF0BS7u
+dvOtw+lGj3WhYcWg2D/9mUoiOQ9i9dSxDM/pg6BH65ZrhNlnBnjVrSyN2A4AjfRw
+NfRiVLTvQIYmTSq8H+NxFAc=
+-----END PRIVATE KEY-----
+
diff --git a/container_files/tomcat/server.xml b/container_files/tomcat/server.xml
index f25cad4..f316955 100644
--- a/container_files/tomcat/server.xml
+++ b/container_files/tomcat/server.xml
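Review bot: This new file commits an unencrypted PKCS#8 private key (`-----BEGIN PRIVATE KEY-----`) to version control, where it remains in history even if a later commit deletes it, so the key has to be treated as publicly known from this commit on. Its blob id `cea75aa` is the same as that of test-compose/idp/container_files/credentials/tomcat/idp-default.key, so the image default and the test fixture share one key. I would keep the key only under test-compose and have the image either require a mounted pair or generate a fresh self-signed one on first start. If the file stays, add a README beside it saying `idp-default.key is a publicly known placeholder; replace it before exposing the service`.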
@@ -5,20 +5,23 @@ - - + + certificateFile="/opt/certs/idp-default.crt" + certificateKeyFile="/opt/certs/idp-default.key" /> - + diff --git a/test-compose/idp/container_files/config/tomcat/server.xml b/test-compose/idp/container_files/config/tomcat/server.xml index d0df37e..b837d9e 100644 --- a/test-compose/idp/container_files/config/tomcat/server.xml +++ b/test-compose/idp/container_files/config/tomcat/server.xml @@ -4,22 +4,36 @@ - + + + + + + + - + + diff --git a/test-compose/idp/container_files/credentials/tomcat/idp-default.crt b/test-compose/idp/container_files/credentials/tomcat/idp-default.crt new file mode 100644 index 0000000..c086e61 --- /dev/null +++ b/test-compose/idp/container_files/credentials/tomcat/idp-default.crt 
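Review bot: The connector's `certificateFile="/opt/certs/idp-default.crt"` and `certificateKeyFile="/opt/certs/idp-default.key"` point at the placeholder pair by fixed file name, and nothing in the visible lines tells an operator how to substitute a real certificate. I would add an XML comment directly above the certificate element, `<!-- placeholder self-signed pair shipped with the image; replace by mounting your own files at these two paths -->`. The element markup around these attributes is not visible in this view, so whether the TLS protocol and cipher settings of the previous keystore-based connector carried over cannot be checked from here and is worth confirming.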
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDczCCAlugAwIBAgIEc3Xh/jANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJV
+UzELMAkGA1UECBMCVVMxETAPBgNVBAcTCEFueXdoZXJlMRQwEgYDVQQKEwtFeGFt
+cGxlIE9yZzELMAkGA1UECxMCSVQxGDAWBgNVBAMTD2lkcC5leGFtcGxlLm9yZzAe
+Fw0xODA2MTMxODE2NTZaFw0yODA2MTAxODE2NTZaMGoxCzAJBgNVBAYTAlVTMQsw
+CQYDVQQIEwJVUzERMA8GA1UEBxMIQW55d2hlcmUxFDASBgNVBAoTC0V4YW1wbGUg
+T3JnMQswCQYDVQQLEwJJVDEYMBYGA1UEAxMPaWRwLmV4YW1wbGUub3JnMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn29yHNKZZVM2dyA/MP8ItBnJiIHK
+Bj4HJA+x/+7d9Uw0VKNYWLBGd6eo48wZNUx/fSkamgsJnJJEcQ9ZB6Kh7Sr5Cv+j
+Kn+ttQ/xRBW/TOUInCi/+TE5tpHdqsc5jhvpDvJzyd4AjhWD98BRjnqO7Vdllh0h
+XY0eWwnURTC5RTjnTy8x0k8NGl+4/gICWcab10uOS6WziT/BiwWZiAFK+30aOzqv
+Qo9MLdP2iRNqhnXh21KCAEw/dm0iMOYa3c460cI5Wpz16BN0hBKJa2eLIsUz1Ei8
+e6d2bfgRsXSVuiwMG7/6kLcbqJSHMnLT2V17IzxpMMg4g2TV69MHAI0WfwIDAQAB
+oyEwHzAdBgNVHQ4EFgQUnUHUCeihIylq0vGUhtaZ3radUncwDQYJKoZIhvcNAQEL
+BQADggEBAJ47J4Q6Mgqt3TMyiwH0YTcL7KpFOTIX/BdaeG5c/QAuO+ASxxPeUSHd
+gy1GymRxrQp/9XXCjGRIVwSsgrZ0IZHhogIZCOTA+j+kri0TtZrhkKy6TCFimd1J
+JMmLmrT5uaEPAnL42jvet0rToPqx3gt9AdGbmWf+OyXT8pLMPRKvf6xTQSh1XJZH
+CXbNcMzEp7wq3Z3vDQZ498CM7mEb7y+2cF0iCKydHSL0VvqmjDicj2+4J6qKHBFW
+4cWkzmVmQTT8MEHYyq/Fif8ElE7PiRow3vhO7WEy7pfhcmrz3DPqRVDLk2AgmYBn
+rPigRnfDmz0Cc/zvxbd3UxfRATCNYcU=
+-----END CERTIFICATE-----
+
diff --git a/test-compose/idp/container_files/credentials/tomcat/idp-default.key b/test-compose/idp/container_files/credentials/tomcat/idp-default.key
new file mode 100644
index 0000000..cea75aa
--- /dev/null
+++ b/test-compose/idp/container_files/credentials/tomcat/idp-default.key
@@ -0,0 +1,29 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCfb3Ic0pllUzZ3
+ID8w/wi0GcmIgcoGPgckD7H/7t31TDRUo1hYsEZ3p6jjzBk1TH99KRqaCwmckkRx
+D1kHoqHtKvkK/6Mqf621D/FEFb9M5QicKL/5MTm2kd2qxzmOG+kO8nPJ3gCOFYP3
+wFGOeo7tV2WWHSFdjR5bCdRFMLlFOOdPLzHSTw0aX7j+AgJZxpvXS45LpbOJP8GL
+BZmIAUr7fRo7Oq9Cj0wt0/aJE2qGdeHbUoIATD92bSIw5hrdzjrRwjlanPXoE3SE
+EolrZ4sixTPUSLx7p3Zt+BGxdJW6LAwbv/qQtxuolIcyctPZXXsjPGkwyDiDZNXr
+0wcAjRZ/AgMBAAECggEAI43/3audZ7o54DEBxpRpRXimt9lxyxiUEReq8086klRv
+KxzOO+D7pf1urXY7fOZVW/0JoKarew4nUytACHLdN32o0ioWIgkdHM60WCGdarF8
+zQ5NWW3/19YJn+cTz7wrqhipd7AZYZYsuthZl7N/IjCmR+axJSKuTVEQ1Gk8N9JR
+rY8CujwI8RRtVd1NQwFc+mEgjesCvqctoBBRUI5oP5uhwkbF9TLbs0nLZ9Q6EXpi
+LTViJA/q+/Qjl2Fi9V9291lMJfXEN5saNiFpYXGQtajEnzO30W7lTMi7IXHrSJpY
+BiLiPpGL6Rsk/aV/Cmk9kg7hTKGfW0c4m4U92LRsAQKBgQDMtWUA38K2izrkBKZU
+DjoV3QY0smA7V6RZtMuK9p4ntk23fE7SdcdJn6ILCUVl1V/TnFYRYIGbU4z/mBdb
+YHwfqtcp69GzQNXc4aJFghB0HGKmbomMZKddDVKZ6YyTZLiLDoMKLyyauuL0unGe
+b89CfqVK3KpqKQBkO0TMXibcfwKBgQDHYhf1VdobcJbNisRSGgl8DOgGSmc/KrCC
+AHobcc9xtS+kXP8Fa6ymwA4aw8G5RZ21IWiqrsjRk1zb23CXm/d9EjWZygUmAfgb
+ymHXJ9bQ1Vk/DDua/SbDHZf24C7VApac+1IOkjRwGflIL555ms5rLA2XlaniPFwA
+1kVNbiTGAQKBgQCfhryvcbDLkLTT/MuhtXSOlS/A4UEc/a+WOM5l/MpDKE5oLvc+
+C4rCVSRydUcflKiYv7xSzmIyKWo3xM5u50HTa89BXASPLHd9KljK0hEAax51lK6c
+OdQzL66vQtHKCzPFKgn0Zc7cxccX8DOaxIc/ynIFZPFoyYsEkSuMF9MxAQKBgAOW
+PS4ZtEnIFb5u36dGdqM3rDjov8DAKNq93XR+8KdwBgJj9eaIEFwTmm1a1jJaEUM/
+7Z0cddpnV0VRRk5D7Qjf+fzhSIRthqQhWO9A9TlejTN4Kd5Y7YiXELPNRqpoWINM
+diZy9OSLYxOsX6J6aXo+GaR/ecXrJhCRyj9hWuIBAoGAaOGaWVRmKISH8lf57SEV
+fZCuPA1cplMpToHYK/uXdLBZuMkeG89jSLBN8fXx86KfRuUXrBDXgGs5zHF0BS7u
+dvOtw+lGj3WhYcWg2D/9mUoiOQ9i9dSxDM/pg6BH65ZrhNlnBnjVrSyN2A4AjfRw
+NfRiVLTvQIYmTSq8H+NxFAc=
+-----END PRIVATE KEY-----
+