Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Fixing the Certificate Security Browser Warning

To fix a browser warning that the JSA security certificate is not valid or not secure, you can download a certificate from the issuing URL and import it into your browser.

  1. Download the Certificate Authority (CA) content from the JSA server:

    1. Download the root CA from http://<host_ip>:9381/vault-qrd_ca.pem.

    2. Download the intermediate CA from http://<host_ip>:9381/vault-qrd_ca_int.pem.


    If you need the CA bundle, you can concatenate the intermediate CA with the root CA.

  2. Copy the CA files to your local computer, and then log out of JSA.

  3. Import the CA into your browser by using the appropriate method for your browser:

    • Mozilla Firefox

    • Google Crome

    • Microsoft Internet Explorer

    • Apple Safari

    • Opera

  4. Restart the browser to ensure that the certificate is loaded.

  5. Log in to JSA and verify that the browser no longer displays the security warning.

Installing and Updating a Certificate Authority After a Software Update

If you choose not to use the local Certificate Authority during the software update, you can select to use it after the installation is complete.

Some software updates include a new local Certificate Authority (CA). During the update, you can choose to add this CA or skip this process. If you didn't add the new CA during the update, you can use the following steps to create the new CA afterwards.

  1. On the JSA Console, type the following command: /opt/qradar/vault/bin/

  2. Restart Tomcat on the Console by typing the following command: service tomcat restart

  3. Log in to the Console, navigate to the Admin tab, and then click Deploy.