Managing the certificates in your deployment

Select and view the status details of the client and server certificates or the root CA certificates that are uploaded. You can assign a component to a certificate or change the component that is assigned to the certificate. A certificate entry that has a red color bar indicates an expired certificate. A certificate with a yellow color bar indicates that the deployment is pending for that certificate or the certificate expires within 15 days. In QRadar 7.4.2 and later, validation of a new certificate can take up to 24 hours.

If you are going to renew a certificate, ensure you have the relevant certificates, keys, and files available.
  1. Go to the Client/Server Certificate tab.
  2. To view the status and details of a certificate, such as the certification path, under the Client/Server Certificate tab, click the name of the certificate that you want to view.
  3. To view the certification path, click the Certification Path tab on the Certificate Details window.
    In QRadar 7.4.2 and later, you can view the certification path. For example, the path would show when an intermediate certificate is present with the certificate.
  4. To manage a certificate, select the relevant checkbox.
    1. To assign a component to a certificate, click Assign Component and select the component from the menu.
    2. To renew a certificate, click Renew, edit the configuration if necessary, and then click Submit.
      The new certificate appears on the main pages with Deploy Pending as the status.
    3. To delete a certificate, click Delete.

      If the certificate's status is Deployed, the status changes to Delete pending and is removed from QRadar when you deploy changes in QRadar. If the certificate's status is Deploy pending, it is immediately removed from QRadar.