The following SSL configuration instructions assume that you have already created or imported the certificate that you are going to use for SSL. This certificate must have a subject name (cn) that matches the published DNS name of the proxy service that you are going to use for authentication. You can obtain this certificate one of two ways:
You can use the Access Manager CA to create this certificate. See Creating a Locally Signed Certificate.
You can create a certificate signing request (CSR), send it to an external CA, then import the returned certificates into Access Manager. See Generating a Certificate Signing Request and Importing Public Key Certificates (Trusted Roots).