Default Trusted Certificate Authorities (CAs)
Focus
Focus
Next-Generation Firewall

Default Trusted Certificate Authorities (CAs)

Table of Contents

Default Trusted Certificate Authorities (CAs)

Review and manage certificates from the certificate authorities (CAs) trusted by Palo Alto Networks Next-Generation Firewalls.
The Default Trusted Certificate Authorities store (DeviceCertificate ManagementCertificatesDefault Trusted Certificate Authorities) contains certificates issued by the most common and trusted certificate authorities (CAs). Palo Alto Networks Next-Generation Firewalls use these preinstalled certificates to secure connections to the internet. The store displays the name, subject, issuer, expiration date, and revocation status of each certificate.
The Default Trusted Certificate Authorities store is updated with major PAN-OS releases.
You can enable, disable, or export CA certificates from the store. To add additional enterprise CA certificates to your firewall, obtain the certificates and import them to Device Certificates or Custom Certificates (DeviceCertificate ManagementCertificates, then Device Certificates (PAN-OS 11.2 and earlier) or Custom Certificates (PAN-OS 12.1.0 and later)).