In order to set up the SSL connection between the Denodo Platform servers, admin tools and their clients we need to configure the certificate repositories. There are two types of default certificate repositories :
1. Keystore: In order for other clients and admin tools to be able to access the Denodo servers, they need the public and private key. These keys are stored in the Keystore.
1. Truststore: It's the repository on the client side of all its trusted authorities certificates. In order to initialize the SSL connection, the client checks if the certificate provided by Denodo is signed by an authority that's been registered in its TrustStore.
In Denodo, the installation of SSL certificates broadly involves two steps :
i) Generate a keystore - It can be generated by either using a self-signed certificate, certificate requested from certified authority or from a PKS file.
You can refer to the document [Obtaining and Installing SSL certificate](https://community.denodo.com/docs/html/browse/8.0/en/platform/installation/postinstallation_tasks/enable_ssl_connections_in_the_denodo_platform_servers/obtaining_and_installing_an_ssl_certificate) to get the detailed steps for all three approaches.
ii) Importing the certificate the CA(Certification Authority) used to a truststore
The above steps can also be automated by using the configurator script. You can refer to the document [Denodo SSL/TLS Configurator Script](https://community.denodo.com/docs/html/browse/8.0/en/platform/installation/postinstallation_tasks/enable_ssl_connections_in_the_denodo_platform_servers/denodo_tls_configurator_script) to get all the steps, scripts and more information to implement it.
Hope this helps!