---
title: Enabling TLS support after setup
description: If the server has been set up without support for TLS, enable TLS support later by completing the following tasks.
component: pingauthorize
version: 11.0
page_id: pingauthorize:pingauthorize_server_administration_guide:paz_enable_tls_after_setup
canonical_url: https://docs.pingidentity.com/pingauthorize/11.0/pingauthorize_server_administration_guide/paz_enable_tls_after_setup.html
revdate: July 29, 2022
section_ids:
  steps: Steps
---

# Enabling TLS support after setup

If the server has been set up without support for TLS, enable TLS support later by completing the following tasks.

## Steps

1. Obtain a certificate chain.

   For more information about obtaining a certificate chain, see [Certificate chains](paz_cert_chains.html). To prepare a Java KeyStore JKS or PKCS #12 key store with an appropriate certificate chain and private key, use the `manage-certificates` tool. We also recommend that you create a trust store that the server can use.

2. Configure the key and trust manager providers.

   For more information, see [Configuring key and trust manager providers](paz_config_key_trust_manager.html).

3. Configure connection handlers.

   For more information, see [Configuring TLS connection handlers](paz_config_connection_handlers.html).