+Securing RESTCONF using HTTPS
+=============================
+
+To secure Jetty RESTful services, including RESTCONF, you must configure the
+Jetty server to utilize SSL by performing the following steps.
+
+#. Issue the following command sequence to create a self-signed certificate in the ``etc`` folder for
+ use by the ODL deployment.
+
+ ::
+
+ keytool -keystore .keystore -alias jetty -genkey -keyalg RSA
+ Enter keystore password: 123456
+ What is your first and last name?
+ [Unknown]: odl
+ What is the name of your organizational unit?
+ [Unknown]: odl
+ What is the name of your organization?
+ [Unknown]: odl
+ What is the name of your City or Locality?
+ [Unknown]:
+ What is the name of your State or Province?
+ [Unknown]:
+ What is the two-letter country code for this unit?
+ [Unknown]:
+ Is CN=odl, OU=odl, O=odl,
+ L=Unknown, ST=Unknown, C=Unknown correct?
+ [no]: yes
+
+
+#. After the key has been obtained, make the following changes to
+ the ``etc/org.ops4j.pax.web.cfg`` file to set a few default properties.
+
+ ::
+
+ org.osgi.service.http.secure.enabled=true
+ org.osgi.service.http.port.secure=8443
+ org.ops4j.pax.web.ssl.keystore=./etc/.keystore
+ org.ops4j.pax.web.ssl.keystore.password=123456
+ org.ops4j.pax.web.ssl.keystore.type=PKCS12
+ org.ops4j.pax.web.ssl.key.password=123456
+ org.ops4j.pax.web.ssl.key.alias=jetty
+
+
+You can test that the changes have succeeded by restarting Karaf,
+issuing the following ``curl`` command, and ensuring that the 2XX HTTP status
+code appears in the returned message.
+
+::
+
+ curl -u admin:admin -v -k https://localhost:8443/rests/operations
+
+A more advanced example of Jetty security configuration can be found in this article:
+https://access.redhat.com/documentation/en-us/red_hat_jboss_fuse/6.3/html/security_guide/webconsole#idm139646384633952
+