Replace the self-signed certificate for an engine with a valid CA certificate for communication tasks.
For communication tasks that go through an engine, you can replace the default self-signed certificate for the engine with your own certificate.
Find the two files created by the engine. The default location is
Replace the contents of these files with your own certificates.
Change file owner to demisto:
chown -R demisto:demisto d1.key.pem
chown -R demisto:demisto d1.cert.pem
Set the file permissions:
chmod 600 d1.key.pem
chmod 644 d1.cert.pem
(Optional) If you are using a key passphrase for your custom certificate, add the passphrase to your engine configuration:
Go to→ → → .
Create New Engine and provide an engine name or select an existing engine and Edit Configuration.
Select Use a passphrase for the engine certificate private key.