If the server has been set up without support for TLS, you can enable TLS support later by completing the following tasks:

  1. Obtain a certificate chain.

    For more information about obtaining a certificate chain, see Certificate Chains. To prepare a JKS or PKCS #12 keystore with an appropriate certificate chain and private key, use the manage-certificates tool. We also recommend that you create a truststore that the server can use.

  2. Configure the key and trust manager providers. For more information, see Configuring Key and Trust Manager Providers.
  3. Configure connection handlers. For more information, see Configuring Connection Handlers.