1. Home
    2. GlobalProtect
    3. GlobalProtect™ Administrator's Guide
    4. Authentication
    5. Set Up Client Certificate Authentication

    Set Up Client Certificate Authentication

    With the optional client certificate authentication, the user presents a client certificate along with a connection request to the GlobalProtect portal or gateway. The portal or gateway can use either a shared or unique client certificate to validate that the user or endpoint belongs to your organization.
    The methods for deploying client certificates depend on the security requirements for your organization:

    Related Documentation

    Deploy Shared Client Certificates for Authentication

    Deploy Shared Client Certificates for Authentication To confirm that an endpoint user belongs to your organization, you can use the same client certificate for all ...

    Enable Two-Factor Authentication Using Certificate and Auth...

    Enable Two-Factor Authentication Using Certificate and Authentication Profiles The following workflow describes how to configure GlobalProtect to require users to authenticate to both a certificate ...

    Deploy Machine Certificates for Authentication

    Deploy Machine Certificates for Authentication To confirm that the endpoint belongs to your organization, use your own public-key infrastructure (PKI) to issue and distribute machine ...

    Client Certificate Authentication

    Client Certificate Authentication For enhanced security, you can configure the portal or gateway to use a client certificate to obtain the username and authenticate the ...

    Deploy Server Certificates to the GlobalProtect Components

    Deploy Server Certificates to the GlobalProtect Components The following table shows the best practice steps for deploying SSL/TLS certificates to the GlobalProtect components: Import a ...

    GlobalProtect Certificate Best Practices

    GlobalProtect Certificate Best Practices The following table summarizes the SSL/TLS certificates you will need, depending on which features you plan to use: Certificate Usage Issuing ...

    Configure Authentication with Custom Certificates on the PAN-DB Private Cloud

    Use custom certificates to establish a unique chain of trust that ensures mutual authentication between your PAN-DB server and your firewalls. ...

    How Does the App Know Which Certificate to Supply?

    How Does the App Know Which Certificate to Supply? When you configure GlobalProtect to use client certificates for authentication on macOS or Windows endpoints, GlobalProtect ...

    Define the GlobalProtect Client Authentication Configurations

    Define the GlobalProtect Client Authentication Configurations Each GlobalProtect client authentication configuration specifies the settings that enable the user to authenticate with the GlobalProtect portal. You ...

    Deploy User-Specific Client Certificates for Authentication

    Deploy User-Specific Client Certificates for Authentication To authenticate individual users, you must issue a unique client certificate to each GlobalProtect user and deploy the client ...

    © 2019 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo