![[16.0.0.3 and later]](../ng_v16003plus.gif)
Setting up third-party certificates for an existing collective
You can set up third-party certificates for an existing collective.
About this task
To set up third-party certificates for an existing collective, you need to change the keystore and truststore, which are displayed in the following image:

Tip: You can find the keytool utility in your Java™ installation
directory.
Important: All members and controllers must use CA
certificates.