After the future removal of the classic playbook editor, your existing classic playbooks will continue to run, However, you will no longer be able to visualize or modify existing classic playbooks.
For details, see:
Renew IdP certificates
Identity provider (IdP) certificates are automatically created when you install and have an an expiry date of two years from the time they were created. To renew IdP certificates, follow these steps:
- Connect to your Splunk SOAR (On-premises) deployment using SSH.
- Navigate to the
/<PHANTOM_HOME>/keystore
directory and create a folder and name itcert.save
. - Copy all existing certificates listed in the
/<PHANTOM_HOME>/keystore
directory to thecert.save
folder. - Delete all pem or der files in the
/<PHANTOM_HOME>/keystore
directory exceptprivate_key.pem
.private_key.pem
is used to decrypt the password and will not be updated. - Change directory to /<PHANTOM_HOME>/bin.
- Update the current certificate files by running the following command:
phenv python /opt/phantom/bin/initialize.py --set-auth-keys --force
The new IdP certificates are generated under the /<PHANTOM_HOME>/keystore
directory and are valid for 2 years. If necessary, you can then copy the relevant public signing key to your IdP.
- If you use SAML, copy
public_sig_saml2.pem
to your IdP. - If you use OIDC, copy
public_sig_oidc.der
to your IdP.
Update or renew SSL certificates for Nginx, RabbitMQ, or Consul | backup and restore overview |
This documentation applies to the following versions of Splunk® SOAR (On-premises): 5.1.0, 5.2.1, 5.3.1, 5.3.2, 5.3.3, 5.3.4, 5.3.5, 5.3.6, 5.4.0, 5.5.0, 6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1, 6.2.0, 6.2.1, 6.2.2, 6.3.0
Feedback submitted, thanks!