Add or remove certificates from the certificate store
To add a custom certificate to the certificate store:
phenv python3 /opt/phantom/bin/import_cert.py -i /tmp/ca.crt /opt/phantom/bin/phsvc restart uwsgi
In this example, the
import_cert.py script is copying the certificate file
ca.crt to the
/opt/phantom/etc/certs/ directory, then consolidating all the files in that directory to the
/opt/phantom/etc/cacerts.pem file. The
cacerts.pem file is used by to verify all server certificates.
/opt/phantom/bin/phsvc restart uwsgi restarts the web server so the updated
cacerts.pem file is reloaded.
If you need to remove a certificate that you have previously installed, perform the following tasks:
- Delete the file for that certificate from
- Run the
import_cert.pyscript with no parameters.
- Restart the web server.
certificate store overview
Troubleshooting certificate issues
This documentation applies to the following versions of Splunk® SOAR (On-premises): 5.3.3, 5.3.4, 5.3.5, 5.4.0