PAN-OS 8.1 refreshes the list of CAs that the firewall
trusts by default.
The certificate authorities (CAs) that the firewall
trusts by default are updated in PAN-OS 8.1; new trusted root CAs
are added and expired CAs are removed. The pre-installed list of
CAs includes the most common and trusted certificate providers responsible
for issuing the certificates the firewall requires to secure connections
to the internet. Because the firewall trusts these CAs by default,
the only additional CAs you might want to add are any trusted enterprise
CAs that your organization requires.
To view and manage the list of CAs that the firewall trusts by
Trusted Certificate Authorities
. For details
on the different keys and certificates that the firewall uses, and
how to obtain and manage them, seeCertificate Management.