Configure TLS for Remote Agent Configuration (Optional)

You can configure your remote agent to use your TLS certificate instead of the default.

You can either use the default TLS certificate provided in the keystore with the remote agent or provide your own keystore and TLS certificate.
  1. If you don’t have a keystore, generate one with the keytool CLI, for example:
    keytool -genkeypair -alias springboot -keyalg RSA -keysize 4096 -storetype PKCS12 -keystore springboot.p12 -validity 3650 -storepass password -ext SAN=dns:test.example.com
    Instructions on how to use the keytool CLI command can be found here.
  2. To provide your own keystore and TLS certificate, complete these steps:
    1. After generating the keystore, place it in the /faw/software/remoteagent/config directory (C:\faw\software\remoteagent\config on Windows) of your local instance. In the same directory, create a startup-config.properties file. This properties file contains the keystore information and the credentials that the remote agent needs to open the keystore and fetch the TLS certificate.
    2. In the startup-config.properties file, add the following key-value properties:
    server.ssl.enabled=true
    server.ssl.key-store=</PATH/TO/KEYSTORE_FILE>
    server.ssl.key-store-password=<KEYSTORE_PASSWORD>
    server.ssl.key-store-type=<KEYSTORE_TYPE>
    server.ssl.key-alias=<KEYSTORE_ALIAS>
    server.ssl.key-password=<KEY_PASSWORD>
    The placeholder values in these key-value pairs are as follows:
    • </PATH/TO/KEYSTORE_FILE> - File location of the keystore file
    • <KEYSTORE_PASSWORD> - Password specified for the keystore
    • <KEYSTORE_TYPE> - Type specified for the keystore, should be either JKS or PKCS12
    • <KEYSTORE_ALIAS> - Alias specified for the keystore
    • <KEY_PASSWORD> - Certificate password, NOT the password for the keystore
  3. After specifying all the required properties in the startup-config.properties file, restart the remote agent Docker container. The remote agent then uses your TLS certificate instead of the default.
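
A pre-restart check for the properties file described above, as an added example that is not part of the product or its documentation. The function names are hypothetical. It assumes the script runs where the configured keystore path resolves and that the agent process runs as the owner of the file.

```shell
#!/bin/sh
# Added example: sanity-check startup-config.properties before restarting the agent.
# Function names are hypothetical; only the server.ssl.* keys come from the page.

# prop FILE KEY -> value of the last "KEY=value" line (value may itself contain '=')
prop() {
    awk -F= -v k="$2" '
        { key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key) }
        key == k { sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t\r]+$/, ""); v = $0 }
        END { print v }' "$1"
}

check_startup_config() {
    cfg=$1; rc=0
    [ -r "$cfg" ] || { echo "ERROR: cannot read $cfg" >&2; return 1; }

    for key in server.ssl.enabled server.ssl.key-store \
               server.ssl.key-store-password server.ssl.key-store-type \
               server.ssl.key-alias server.ssl.key-password; do
        val=$(prop "$cfg" "$key")
        case $val in
            '')      echo "ERROR: $key is missing or empty" >&2; rc=1 ;;
            '<'*'>') echo "ERROR: $key still holds a template placeholder" >&2; rc=1 ;;
        esac
    done

    [ "$(prop "$cfg" server.ssl.enabled)" = "true" ] ||
        { echo "ERROR: server.ssl.enabled must be true" >&2; rc=1; }

    case $(prop "$cfg" server.ssl.key-store-type) in
        JKS|PKCS12) ;;
        *) echo "ERROR: server.ssl.key-store-type must be JKS or PKCS12" >&2; rc=1 ;;
    esac

    ks=$(prop "$cfg" server.ssl.key-store)
    [ -f "${ks#file:}" ] || { echo "ERROR: keystore not found: $ks" >&2; rc=1; }

    # The file stores both passwords in clear text; flag any group/other access.
    [ "$(ls -ld "$cfg" | cut -c5-10)" = "------" ] ||
        echo "WARN: $cfg is accessible to group/other; consider chmod 600" >&2

    return $rc
}
```

Call `check_startup_config /faw/software/remoteagent/config/startup-config.properties` before the restart; a non-zero exit status means at least one ERROR line was printed.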