If you are running in a non-secure staging environment, and you’re ready to move to production, you must perform the following steps to enable security.
Change the Identity Server configuration protocol to HTTPS. (See Configuring Secure Communication on the Identity Server.)
Replace the test certificates with your own. (See Using Access Manager Certificates or Using Externally Signed Certificates.)
Update all devices that are trusting this Identity Server configuration.
This causes the Embedded Service Provider to reimport the metadata of the Identity Server.
(Conditional) If you have set up federation, reimport metadata for trusted service and identity providers. (See Managing Metadata.)
Change the Access Gateway configuration to HTTPS. (See Configuring the Access Gateway for SSL.)