InformationClient-cert authentication requires each client connecting to the server to have a certificate to authenticate. This is generally regarded as stronger authentication than a password as it requires the client to have the certificate and not just a password.
Certificate based authentication is more secure than password based authentication.
SolutionIn the Connector element, set the clientAuth to true and, in Tomcat 8.5.x, set the certificateVerification to required
port='8443' minProcessors='5' maxProcessors='75'
acceptCount='100' debug='0' scheme='https' secure='true';