To ensure trust between parties in a secure communication session, Prisma Access uses digital certificates. Each certificate contains a cryptographic key to encrypt plaintext or decrypt ciphertext. Each certificate also includes a digital signature to authenticate the identity of the issuer. The issuer must be in the list of trusted certificate authorities (CAs) of the authenticating party. Optionally, the authenticating party verifies the issuer did not revoke the certificate. Prisma Access uses certificates to secure features like decryption and authentication, and to secure communication between all the clients, servers, users, and devices connecting to your network.

For applications onboarded to ZTNA Connector, set up your certificates, add certificate authorities, and define certificate checks using Prisma Access.