The CSR is sent to the certificate signing authority. The
CA authority sends the certificate by email in different formats.
Use the certificate in X.509 format with the .pem extension.
Replace the existing internal certificate in
newly generated private certificate and key.
Restart the Cortex XSOAR server.
Keep the certificate and key in a place other than
Troubleshoot Creating a Private Key and CSR
After the newly generated certificate key pair is copied
, if the browser does
not show the new certificate, do one or more of the following:
Check whether the FQDN specified in the certificate is
the same as the FQDN of the Cortex XSOAR server.
Check whether there are any other certificates or keys in
other than the ones generated recently for the Cortex XSOAR server.
If so, remove or move them to another folder on the server.
On your browser on which you are trying to load Cortex XSOAR,
clear cookies and other data. For example, in Chrome, go to
Clear Browsing data
If the Cortex XSOAR server is behind a load balancer, re-upload
the certificate on the load balancer. For example, if the Cortex XSOAR
server is behind the ELB (Elastic Load Balancing), re-import the
certificate on ELB (Elastic Load Balancing) on the Amazon Certificate Manager