Manage Default Trusted Certificate Authorities
- Device > Certificate Management > Certificates > Default Trusted Certificate Authorities
Use this page to view, disable, or export, the pre-included certificate authorities (CAs) that the firewall trusts. For each CA, the name, subject, issuer, expiration date and validity status is displayed.
The CA certificates generated on the firewall don’t appear in this list; they appear only in the DeviceCertificate ManagementCertificatesDevice Certificates page.
Trusted Certificate Authorities Settings
If you disabled a CA, you can re-Enable it.
Select the CA and Disable it. You might use this option to trust only specific CAs or to disable all other CAs and trust only your local CA.
Select and Export the CA certificate. You can import into another system or view the certificate offline.
Device > Certificate Management > Certificates
Device > Certificate Management > Certificates Select Device Certificate Management Certificates Device Certificates to manage (generate, import, renew, delete, and revoke) certificates, which are used ...
Configure SSL Forward Proxy
SSL Forward Proxy decryption enables the firewall to see potential threats in outbound encrypted traffic and apply security protections against those threats. ...
Manage Firewall and Panorama Certificates
Manage Firewall and Panorama Certificates Device > Certificate Management > Certificates > Device Certificates Panorama > Certificate Management > Certificates Select Device Certificate Management Certificates ...
Keys and Certificates for Decryption Policies
Decryption requires keys and certificates to establish trust between a client and a server so the firewall can decrypt encrypted traffic. ...
Other Supported Actions to Manage Certificates
Other Supported Actions to Manage Certificates After you generate the certificate, its details display on the page and the following actions are available: Other Supported ...
Import a Certificate and Private Key
Import a Certificate and Private Key If your enterprise has its own public key infrastructure (PKI), you can import a certificate and private key into ...
Enable Two-Factor Authentication Using Certificate and Authentication Profiles
Enable Two-Factor Authentication Using Certificate and Authentication Profiles The following workflow describes how to configure GlobalProtect client authentication requiring the user to authenticate both to ...
Deploy Server Certificates to the GlobalProtect Components
Deploy Server Certificates to the GlobalProtect Components The following table shows the best practice steps for deploying SSL/TLS certificates to the GlobalProtect components: Import a ...
Keys and Certificates
Keys and Certificates To ensure trust between parties in a secure communication session, Palo Alto Networks firewalls and Panorama use digital certificates. Each certificate contains ...