You can enable Frontend TLS settings for your Platform during installation, or, once the Platform is running, you can modify those settings from the Security>Communication Security page in the SOC. Internal encryption settings can only be configured during installation, and are not affected by settings on this page.
Before making changes to the communication security on your Platform, see more about on TLS/SSL certificates.
You can change enforcement for your Platform in the TLS Enforcement section of the Communication Security page.
TLS Enforcement means that traffic (including traffic to guest applications) on HTTP is automatically re-directed to HTTPS. If disabled, TLS enforcement does not disable HTTPS or require all User traffic to be re-directed to HTTP. This means that the Tenants may always use TSL to access their guest applications even if it is not required. It also means that applications where TLS is enforced on a per-application basis (as configured through the Developer Portal) will use TLS even if Platform-wide Enforcement is disabled.
To enable, click Enable TLS Enforcement. Once enabled, all future traffic (including traffic to guest applications) on HTTP is automatically re-directed to HTTPS, so there is no Tenant disruption – even if the User is already logged in to the Platform.
If TLS enforcement is enabled, this option is Disable TLS Enforcement which you can use to disable enforcement at any time.
In the Frontend TLS Certificate section you can specify an TLS certificate the Platform will use to encrypt frontend traffic.
Click Upload Certificate or Repair your HTTPS Bindings when you are finished.