By default, an generates a self-signed TLS certificate that is presented to the incoming TLS connections. However, you can configure a certificate to use by performing the following step:


  1. Place the certificate and key files in $SM_SITEMOD/conf/tls/$DOMAIN.crt and $SM_SITEMOD/conf/tls/$DOMAIN.key
    Here, $DOMAIN is the name of the domain used to register with the Broker.
    Note: The files must be in PKCS#8, PEM encoded form with no password.
    The self-signed certificates generated by Domain Manager are stored in the process memory.
  2. To regenerate the default self-signed TLS certificates, stop and restart the processes.