By default, Canary generates a self-signed certificate for its services that require a secure encrypted connection. This certificate, however, is not a trusted certificate. If wishing to ensure the identity of the server the user is connecting to, a trusted TLS certificate is needed.

In order to utilize a TLS certificate Canary requires that it

1. Be issued by a public CA (i.e DigiCert, GoDaddy).
2. Contain a private key
3. Has the desired url for its subject name

Once issued, this certificate will need installed on the server. The service which is intended to use this certificate must then be updated. This is accomplished by opening the appropriate tile within the Canary Admin client and navigating to the Configuration or Settings tab (depending on the tile) at the bottom. For example, if wishing to update Axiom's certificate information, open the Axiom tile and navigate to Configuration>Endpoints. The user can select the Store Name location where the certificate is installed, Find Type, and specify the Subject Name.

Once configured, the user should be able to click the 'INFO...' button and verify the details of the certificate.