Enabling Communication Between JSA and AWS CloudTrail
A certificate is required for the HTTP connection between JSA and Amazon AWS CloudTrail.
The Automatic Certificate download option is available for the Amazon AWS CloudTrail log source. To download the certificate automatically, select Yes for the Automatically Acquire Server Certificate(s) option when you configure the log source.
If you want to download the certificate manually, complete the following steps.
- Access your Amazon AWS CloudTrail S3 bucket.
- Export the certificate as a DER-encoded binary certificate
to your desktop system. The file extension must be
- Copy the certificate to the
/opt/QRadar/conf/trusted_certificatesdirectory on the JSA host on which you plan to configure the log source.