Obtain the CA Certificate for the Panorama Controller
Expand all | Collapse all
Obtain the CA Certificate for the Panorama Controller
Obtain the Certificate Authority on the Panorama™ Controller
to secure communication with the Panorama Nodes.
Create a trusted Certificate Authority (CA)
responsible for issuing certificates to Panorama™ Nodes to secure
connections to the internet. A trusted CA is required when setting
up Panorama for large scale firewall deployments.
Create
the Certificate Authority certificate.
Generate a new CA certificate
Select and
Generate
a new
certificate.
For the
Certificate Type
, select
Local
.
Enter a
Certificate Name
, such as
panorama-ca
.
The name is case-sensitive and can have up to 31 characters. It
must be unique and use only letters, numbers, hyphens, and underscores.
In the
Common Name
field, enter the
serial number of the Panorama Controller.
Leave the
Signed By
field blank to
designate the certificate as self-signed.
Select the
Certificate Authority
check
box.
Generate
the CA certificate.
Import an existing CA certificate
Select and
Import
the CA
certificate.
Enter a
Certificate Name
, such as
panorama-CA
.
The name is case-sensitive and can have up to 31 characters. It
must be unique and use only letters, numbers, hyphens, and underscores.
Browse
to find the
Certificate
File
.
Base64
Encoded Certificate (PEM)
—You must import the key separately
from the certificate. Select the
Import Private Key
check
box, and
Browse
for the
Key File
.
Encrypted Private Key and Certificate (PKCS12)
—
Common format in which the key and certificate are in a single container
(
Certificate File
).
Enter and re-enter (confirm) the
Passphrase
used
to encrypt the key.
Click
OK
. The Certificates page now
displays the imported CA certificate.
Click
Commit
and
Commit
to Panorama
.