End-of-Life (EoL)

Configure the Cortex XSOAR Server to Listen on HTTP

Configure the Server to listen on an HTTP endpoint.
By default, the Cortex XSOAR Server listens only on an HTTPS endpoint (default port 443). In some scenarios you may wish to configure the Cortex XSOAR Server to listen on an HTTP endpoint. For example, when deploying the Cortex XSOAR Server behind a web gateway which performs HTTPS termination, it may require communicating with the back-end server via HTTP.
If you require the Server to listen on an HTTP endpoint, you need to change the server to start up with the
command line argument.
When you enable the
command line argument, the Server sends web cookies without the
attribute, as it is not supported by HTTP endpoints. When the command line argument is disabled and only HTTPS is available (default configuration), web cookies are sent with the
attribute. If you require using HTTPS, it is recommended to disable the
command line argument for enhanced cookie security.
  1. Change the server to startup with the following
    command line argument.
    For example, if using
    to manage the server process, edit the
    file and change the line that starts with
    to include the
    For example,
    ExecStart=/usr/local/demisto/server -insecure
  2. Run the following commands to reload and restart the service.
    • sudo systemctl daemon-reload
    • sudo systemctl restart demisto
  3. If you need to change the port (by default, the server listens on port 8080 for HTTP), edit the
    file by updating the
    in the
    map. For example:
    { "Server" : { "HttpPort": "80" //... Other Server configurations } }
  4. After saving the
    file, restart the server.

Recommended For You