You want to replace the default self-signed certificate used by the LiveUpdate Administrator (LUA) server for HTTPS communications.
The LUA Tomcat server uses a Java keystore (JKS) to securely house its public and private key pair. This file is password protected with a proprietary password. You must create a new JKS file, and generate or obtain a new certificate to replace the LUA certificate. LUA supports both self-signed certificates and Certificate Authority (CA) signed certificates.
Obtain a new certificate
Most large organizations have specific Public Key Infrastructure (PKI) requirements. Work with the PKI experts in your organization to determine what type of certificate you require: a self-signed certificate, an internal CA-signed certificate, or a public CA-signed certificate. Generate or obtain a new certificate based on your organizational requirements. If you have no organizational PKI requirements, you can use the Java keytool program to generate a new self-signed certificate, or leave the default self-signed certificate in place.
Generate a new JKS
Use Java's keytool program, or to generate a key JKS file named server-cert.ssl
Make note of the keystore password used when generating the JKS file