Obtain the Full Certificate Chain for a Certificate

Ensure certificate contains the full certificate chain, in order to use the Cortex XSOAR Enterprise mobile app.
If you are using a CA-signed certificate, ensure the certificate contains the full certificate chain. If the certificate does not contain the full certificate chain, perform these steps in your Cortex XSOAR server environment.
Relevant for Administrators only. The following instructions are for Android 9 Pie. For other Android versions, the navigation path to find trusted credentials is different.
  1. Obtain an SSL certificate from a trusted Certificate Authority.
  2. To upload the CA-signed certificate to a Cortex XSOAR server, follow the instructions in HTTPS with a Signed Certificate.
  3. (
    Optional
    ) Open the certificate in
    /usr/local/demisto/cert.pem
    .
  4. (
    Optional
    ) Locate the root certificate and vertify that it includes the
    ---BEGIN CERTIFICATE---
    header and the
    --- END CERTIFICATE---
    footer.
  5. (
    Optional
    ) From the command run the following command:
    openssl s_client -connect www.microsoft.com:443 -showcerts
    .
  6. Copy the entire certificate chain in order.
  7. (
    Optional
    ) Paste the entire certificate chain directly under the root certificate in the cert.pem file.
  8. (
    Optional
    ) Restart the Cortex XSOAR Service

Recommended For You