Provide permissions to the user, who installs unravel, to access the certificates folder.

chown -R username:groupname /path/to/certificates/directory

Download the certificates to a directory. For example: wget http://xyz.unraveldata.com/unravel_certs/unravel_wildcard.pem

Upload the certificates.

## Option 1
<unravel_installation_directory>/unravel/manager config tls trust add </path/to/the/certificate/files

or 

## Option 2
<unravel_installation_directory>/unravel/manager config tls trust add --pem </path/to/the/certificate/files>
<unravel_installation_directory>/unravel/manager config tls trust add --jks </path/to/the/certificate/files>
<unravel_installation_directory>/unravel/manager config tls trust add --pkcs12 </path/to/the/certificate/files>

Upload the key and certificate.

<unravel_installation_directory>/unravel/manager config tls set /path/to/key.pem /path/to/certificate.pem --key-password <password>

##For example:
/opt/unravel/manager config tls set --pem unravel_wildcard.pem wildcard_unraveldata_com_RSA_private.pem --key-password XiSqdpk9

Enable TLS and then enable the Trustore.

<unravel_installation_directory>/unravel/manager config tls <enable|disable>
<unravel_installation_directory>/unravel/manager config trust <enable|disable>

Stop Unravel

<unravel_installation_directory>/unravel/manager stop

Apply the changes

<unravel_installation_directory>/unravel/manager config apply

Verify the connection.

<unravel_installation_directory>/unravel/manager verify connect <Cluster Manager-host> <Cluster Manager-port>

For example: /opt/unravel/manager verify connect xyz.unraveldata.com 7180
-- Running: verify connect xyz.unraveldata.com 7180
 - Resolved IP: 111.17.4.123
 - Reverse lookup: ('xyz.unraveldata.com', [], ['111.17.4.123'])
 - Connection:   OK
 - TLS:      No
-- OK

Verify the Truststore as well as the TLS configuration:

<unravel_installation_directory>/unravel/manager verify tls

Start Unravel

<unravel_installation_directory>/unravel/manager start