Sure. Nothing special there: you just need to read up on the https config for the server you are using (Tomcat, Jboss, etc.). Nothing Activiti specific at all.
Another alternative is to run Tomcat behind Apache 2.2.x using mod_proxy_ajp, that way Apache handles the SSL. It all depends on your server architecture and what else you have to connect into. -G
