By default, an generates a self-signed TLS certificate that is presented to the incoming TLS connections. However, you can configure a certificate to use by performing the following step:

1. Place the certificate and key files in $SM_SITEMOD/conf/tls/$DOMAIN.crt and $SM_SITEMOD/conf/tls/$DOMAIN.key
   Here, $DOMAIN is the name of the domain used to register with the Broker.
   Note: The files must be in PKCS#8, PEM encoded form with no password.
   The self-signed certificates generated by Smart Assurance are stored in the process memory.
2. To regenerate the default self-signed TLS certificates, stop and restart the Smart Assurance processes.