HTTPS with a signed certificate

Cortex XSOAR On-prem Documentation

Product: Cortex XSOAR
Version: 8.5
Creation date: 2024-03-10
Last date published: 2025-01-15
Category: Administrator Guide
Solution: On-prem
Abstract

Use HTTPS with a signed certificate in Cortex XSOAR. Concatenate the certificate chain.

By default, the tenant uses a self-signed certificate for a secure HTTP connection. TLS versions 1.2 and 1.3 are supported.

Create a self-signed certificate

We recommend using a self-signed certificate only for development environments. Follow these steps to create a self-signed certificate.

Install or renew a custom certificate from a Certificate Authority

To use your own X.509 certificate, you can install or renew a custom certificate. For security reasons, in a production environment you must replace the default certificate with your own private key and a certificate from a Certificate Authority (CA). For development environments, you can use either a self-signed certificate or a certificate from a CA.
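The following added example is not from the Cortex XSOAR documentation. It uses standard `openssl` commands to concatenate a certificate chain and check, before installation, that the certificates link in order and that the private key belongs to the first certificate. Leaf-first ordering is the conventional TLS order and is assumed here; the function names, file names and demo certificates are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight checks for a leaf-first PEM chain. Names are hypothetical.

# build_chain LEAF INTERMEDIATE...: concatenate PEM files in the order given,
# dropping CRs and ensuring a newline after each file so PEM markers never fuse.
build_chain() { awk '{ sub(/\r$/, ""); print }' "$@"; }

# chain_in_order BUNDLE: succeed if each certificate's subject equals the
# issuer of the one before it. Compares names only, not signatures.
chain_in_order() {
  openssl crl2pkcs7 -nocrl -certfile "$1" 2>/dev/null |
    openssl pkcs7 -print_certs -noout 2>/dev/null |
    awk '/^subject=/ { s = substr($0, 9); if (n++ && s != want) bad = 1 }
         /^issuer=/  { want = substr($0, 8) }
         END { exit (bad || n == 0) }'
}

# key_matches_cert KEY BUNDLE: succeed if the private key belongs to the FIRST
# certificate in the bundle (openssl x509 reads only the first PEM block).
key_matches_cert() {
  kpub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
  cpub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
  [ -n "$kpub" ] && [ "$kpub" = "$cpub" ]
}

# make_demo_pki DIR: constructed throwaway root, intermediate ("int") and leaf.
make_demo_pki() {
  ( cd "$1" || exit 1
    openssl req -x509 -newkey rsa:2048 -nodes -keyout root.key -out root.pem \
      -subj "/CN=Demo Root" -days 1 || exit 1
    for n in int leaf; do
      openssl req -new -newkey rsa:2048 -nodes -keyout "$n.key" -out "$n.csr" \
        -subj "/CN=Demo $n" || exit 1
    done
    openssl x509 -req -in int.csr -CA root.pem -CAkey root.key -CAcreateserial \
      -out int.pem -days 1 || exit 1
    openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key -CAcreateserial \
      -out leaf.pem -days 1
  ) >/dev/null 2>&1
}

# Demo on constructed certificates: correct order passes, swapped order fails.
demo=$(mktemp -d) && make_demo_pki "$demo" && {
  build_chain "$demo/leaf.pem" "$demo/int.pem" > "$demo/chain.pem"
  build_chain "$demo/int.pem" "$demo/leaf.pem" > "$demo/swapped.pem"
  chain_in_order "$demo/chain.pem" && key_matches_cert "$demo/leaf.key" "$demo/chain.pem" &&
    echo "chain.pem: OK"
  chain_in_order "$demo/swapped.pem" || echo "swapped.pem: rejected (order)"
}
```

Whether the root certificate belongs at the end of the bundle depends on the consumer; the checks pass either way as long as the order is leaf first.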

Example 1. Export External Dynamic Lists (EDLs) to a firewall

An EDL is a text file that you or another source hosts on an external web server so that a firewall can import objects (IP addresses, URLs, and domains) to enforce policy on the entries in the list. As the list is updated, the firewall dynamically imports the list at a configured interval and enforces policy without making a configuration change or a commit on the firewall.

To export a secure EDL to your firewall, you need to replace the out-of-the-box certificate and set up the certificate on the firewall so that it can access the EDL. For more information on setting up a PAN-OS firewall, see Configure the Firewall to Access an External Dynamic List. For more information on importing a certificate to a PAN-OS firewall, see Import a Certificate and Private Key.