After importing all the certificates into your SHRINE keystore update the keystore section within shrine.conf:
keystore { file = "/opt/shrine/shrine.keystore" password = "password" privateKeyAlias = "$KEYSTORE_ALIAS" keyStoreType = "JKS" caCertAliases= ["$HUB_CA_CERT_ALIAS"] }
SHRINE will use privateKeyAlias to find the signed certificate to sign queries going out from your site, and caCertAliases to verify queries before running them.
Overview
Content Tools