Splunk® Phantom (Legacy)

Administer Splunk Phantom

Splunk Phantom 4.10.7 is the final release of Splunk's Security Orchestration, Automation, and Response (SOAR) system to be called Splunk Phantom. All later versions are named Splunk SOAR (On-premises). For more information, see the Splunk SOAR (On-premises) documentation.

certificate store overview

has a certificate store used to validate certificates when forming connections to other servers. The certificates in the store are trusted certificate authority (CA) certificates from mkcert.org and are updated periodically. In almost all cases, can use its certificate store to validate any certificate issued by a commercial certificate authority (CA).

The default certificate store cannot be used to validate self-signed certificates, or certificates issued by an internal CA. You must add these custom certificates to the certificate store.

Important information about the certificate store:

Last modified on 07 September, 2021
Add and configure apps and assets to provide actions in Splunk Phantom   Add or remove certificates from the certificate store

This documentation applies to the following versions of Splunk® Phantom (Legacy): 4.9, 4.10, 4.10.1, 4.10.2, 4.10.3, 4.10.4, 4.10.6, 4.10.7

Was this topic useful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters