# Using TLS ## What You'll Need Before configuring TLS, ensure you have: * **Server certificate** in PEM format (text-based, not binary) * **Private key** in PEM format and **unencrypted** (no password protection) * **Certificate chain** (if using certificates from a CA with intermediates) * For mutual TLS: **Client CA certificate** to verify client certificates {% hint style="info" %} Bindplane collectors use the OpenTelemetry Collector's `configtls` package for TLS configuration. For complete technical details, see the [OpenTelemetry Collector TLS Configuration documentation](https://github.com/open-telemetry/opentelemetry-collector/blob/main/config/configtls/README.md). {% endhint %} {% hint style="warning" %} **Critical Format Requirements:** * Only PEM format is supported (DER, PKCS#12/PFX are NOT supported) * Private keys must be unencrypted (password-protected keys will NOT work) * See [Certificate Requirements](/how-to-guides/security-and-tls/using-tls/requirements.md) for detailed format requirements {% endhint %} ## Quick Navigation ### Getting Started **New to TLS?** Start with the [Quick Start Guide](/how-to-guides/security-and-tls/using-tls/quick-start.md) to get basic TLS configured in minutes. **Preparing certificates?** Review [Certificate and Key Requirements](/how-to-guides/security-and-tls/using-tls/requirements.md) to ensure your certificates are in the correct format. ### Configuration Guides **Configuring TLS between collectors and gateways?** See the [Gateway TLS Guide](/how-to-guides/security-and-tls/using-tls/gateway-tls.md) for a step-by-step walkthrough. This guide also applies to OTLP Source and Destination, which share the same TLS configuration. **Configuring TLS on receivers?** See the [Configuration Guide](/how-to-guides/security-and-tls/using-tls/configuration.md) for examples and parameter reference. **Setting up mutual TLS (mTLS)?** Follow the [Mutual TLS Guide](/how-to-guides/security-and-tls/using-tls/mutual-tls.md) for two-way authentication. ### Troubleshooting **Having issues?** Jump to the [Troubleshooting Guide](/how-to-guides/security-and-tls/using-tls/troubleshooting.md) for common problems and solutions. **Need to verify your setup?** See [Testing and Verification](/how-to-guides/security-and-tls/using-tls/reference/testing-verification.md) for OpenSSL commands and validation steps. **Wrong certificate format?** Check [Certificate Conversion](/how-to-guides/security-and-tls/using-tls/reference/certificate-conversion.md) for format conversion instructions. ### Learning Resources **Want to understand TLS concepts?** See [TLS Concepts](/how-to-guides/security-and-tls/using-tls/reference/tls-concepts.md) for background on certificates, keys, and trust. ### Related Resources * [OpenTelemetry Collector TLS Configuration](https://github.com/open-telemetry/opentelemetry-collector/blob/main/config/configtls/README.md) * [Bindplane TCP Source Documentation](https://docs.bindplane.com/integrations/sources/tcp) * [Bindplane Syslog Source Documentation](https://docs.bindplane.com/integrations/sources/syslog) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.bindplane.com/how-to-guides/security-and-tls/using-tls.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.