Cloud Management

Log in to Strata Cloud Manager.
For each desired service, generate or import a certificate.
Select
Manage
Configuration
NGFW and
Prisma Access
Objects
Certificate Management
Certificates
.
In the Custom Certificates pane,
Generate
or
Import
a certificate.
Save
the certificate.
Configure an SSL/TLS service profile.
Select
Manage
Configuration
NGFW and
Prisma Access
Objects
Certificate Management
Certificates
.
In the SSL/TLS Service Profiles pane, click
Add Profile
.
Enter a
Name
for the profile.
Select or
Import
a
Certificate
.
For
Protocol Settings
, define the range of TLS versions that the service can use.
TLSv1.3 support is limited to administrative access to management interfaces and GlobalProtect portals and gateways. You can only attach SSL/TLS service profiles that allow TLSv1.3 to the settings for these services.
Administrative Access and GlobalProtect Portals and Gateways:
Set the
Min Version
and
Max Version
to
TLSv1.3
.
For the
Min Version
, select the earliest allowed TLS version:
TLSv1.0
,
TLSv1.1
,
TLSv1.2
, or
TLSv1.3
.
For the
Max Version
, select the latest allowed TLS version:
TLSv1.0
,
TLSv1.1
,
TLSv1.2
, or
TLSv1.3
.
All Other Services:
Set the
Min Version
and
Max Version
to
TLSv1.2
.
For the
Min Version
, select the earliest allowed TLS version:
TLSv1.0
,
TLSv1.1
, or
TLSv1.2
.
For the
Max Version
, select the latest allowed TLS version:
TLSv1.0
,
TLSv1.1
, or
TLSv1.2
.
(
Optional
) Deselect any
Key Exchange Algorithms
,
Encryption Algorithms
, or
Authentication Algorithms
.
Save
the profile.
Push Config
.