As a user of POMBA, I want it to be possible to deploy POMBA such that the audit initiation (external API) and other support API are only available via https and not http.   This can either be the only option or a configurable parameter. It should be the default deployment though.

Note that when using https, http must not also be enabled.

I only require server-side certificates.

Acceptance Criteria

• Compliant to the ask above
• Support for all ONAP best practices
• Code checked in, use documented on Wiki
• Demo to working group

Exclusions

• Context Builder APIs, tracked separately.