Where Can I Use
This? | What Do I Need? |
| WildFire License -
Customer Support Portal (CSP) account with one of the
following user roles:
Super User, Standard User, Limited User, Threat
Researcher, AutoFocus Trial Role, Group Super User,
Group Standard User, Group Limited User, Group Threat
Researcher, Authorized Support Center (ASC) User, and
ASC Full Service User.
- Superuser access to the WildFire appliance
|
To fetch the device certificate on the WF-500
appliance when an Internet connection is available, you must log
in to the
Palo Alto Networks Support Portal to
generate a one time password used to access the certificate. This
OTP is then used to retrieve the device certificate on the specific
appliance.
WF-500B appliances are equipped with a Trusted
Platform Module (TPM) that is used to securely identify itself and
automatically fetch the device certificate—no user intervention
is necessary to manage WF-500B device certificates.
If
your WF-500B appliance is not connected to the Internet, you might
observe failed jobs due to repeated attempts by the appliance to
retrieve device certificates.
To successfully install
the device certificate on your firewall, the following FQDNs and
ports must be allowed on your network.
https://api.paloaltonetworks.com http://apitrusted.paloaltonetworks.com certificatetrusted.paloaltonetworks.com certificate.paloaltonetworks.com
| TCP 443 |