Focus

Restore an Expired Device Certificate

Table of Contents

Filter

Expand All | Collapse All

Next-Generation Firewall Docs

Getting Started
Administration
Version
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
Networking
Version
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
AIOps
Incidents & Alerts
Release Notes
Version
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1

Install a Device Certificate

Deploy Certificates Using SCEP

Restore an Expired Device Certificate

Restore an expired device certificate on your firewall.

The device certificate installed on your firewall has a 90 day lifetime. A firewall with the device certificate installed automatically attempts to reinstall the device certificate 15 days before the certificate expires. However, you have the ability to manually reinstall the device certificate if it fails to reinstall automatically.

Select

Device

Setup

Management

and review the

Current Device Certificate Status

in the Device Certificate Section.

The

Current Device Certificate Status

displays

Expired

Install a Device Certificate.

If the

request certificate fetch otp <otp_value>

command is not available, it means the firewall is a Trusted Platform Module (TPM) device.

To restore the device certificate for a TPM device, run the following command:

request certificate fetch

Install a Device Certificate

Deploy Certificates Using SCEP

Next-Generation Firewall Docs

Restore an Expired Device Certificate

Next-Generation Firewall Docs

Restore an Expired Device Certificate

Recommended For You

Activation & Onboarding

Next-Generation Firewalls

Cloud-Delivered Security Services

Network Security

Visibility & Monitoring

Best Practices

Experts Corner