Obtain the Full Certificate Chain for a Certificate - Administrator Guide - 6.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.5
Creation date
2022-09-28
Last date published
2024-03-21
End_of_Life
EoL
Category
Administrator Guide
Abstract

Ensure the certificate contains the full certificate chain in order to use the Cortex XSOAR Enterprise mobile app.

If you are using a CA-signed certificate, ensure the certificate contains the full certificate chain. If the certificate does not contain the full certificate chain, perform these steps in your Cortex XSOAR server environment.

Note

Relevant for Administrators only. The following instructions are for Android 9 Pie. For other Android versions, the navigation path to find trusted credentials is different.

  1. Obtain an SSL certificate from a trusted Certificate Authority.

  2. To upload the CA-signed certificate to a Cortex XSOAR server, follow the instructions in HTTPS with a Signed Certificate.

  3. (Optional) Open the certificate in /usr/local/demisto/cert.pem.

  4. (Optional ) Locate the root certificate and vertify that it includes the ---BEGIN CERTIFICATE--- header and the --- END CERTIFICATE--- footer.

  5. (Optional) From the command run the following command:

    openssl s_client -connect www.microsoft.com:443 -showcerts.

  6. Copy the entire certificate chain in order.

  7. (Optional) Paste the entire certificate chain directly under the root certificate in the cert.pem file.

  8. (Optional) Restart the Cortex XSOAR service.