Manage Default Trusted Certificate Authorities
- Device > Certificate Management > Certificates > Default Trusted Certificate Authorities
Use this page to view, disable, or export, the pre-included certificate authorities (CAs) that the firewall trusts. The pre-installed list of CAs includes the most common and trusted certificate providers responsible for issuing the certificates the firewall requires to secure connections to the internet. For each trusted root CA, the name, subject, issuer, expiration date and validity status are displayed.
The firewall does not trust intermediate CAs by default because intermediate CAs are not a part of the chain of trust between the firewall and the trusted root CA. You must manually add any intermediate CAs that you want the firewall to trust, along with any additional trusted enterprise CAs that your organization requires (DeviceCertificate ManagementCertificatesDevice Certificates).
Trusted Certificate Authorities Settings
If you disabled a CA, you can re-Enable it.
Select the CA and Disable it. You might use this option to trust only specific CAs or to disable all other CAs and trust only your local CA.
Select and Export the CA certificate. You can import into another system or view the certificate offline.
Default Trusted Certificate Authorities (CAs)
Review and manage the CAs that the firewall trusts by default. ...
Refresh of Default Trusted CAs
PAN-OS 8.1 refreshes the list of CAs that the firewall trusts by default. ...
Device > Certificate Management > Certificates
Device > Certificate Management > Certificates Select Device Certificate Management Certificates Device Certificates to manage (generate, import, renew, delete, and revoke) certificates, which are used ...
Certificate Management The following topics describe the different keys and certificates that Palo Alto Networks® firewalls and Panorama use, and how to obtain and manage ...
Keys and Certificates for Decryption Policies
Decryption requires keys and certificates to establish trust between a client and a server so the firewall can decrypt encrypted traffic. ...
Configure SSL Forward Proxy
SSL Forward Proxy decryption enables the firewall to see potential threats in outbound encrypted traffic and apply security protections against those threats. ...
Manage Firewall and Panorama Certificates
Manage Firewall and Panorama Certificates Device > Certificate Management > Certificates > Device Certificates Panorama > Certificate Management > Certificates Select Device Certificate Management Certificates ...
Certificate Deployment The basic approaches to deploy certificates for Palo Alto Networks firewalls or Panorama are: Obtain certificates from a trusted third-party CA —The benefit ...
Keys and Certificates
Keys and Certificates To ensure trust between parties in a secure communication session, Palo Alto Networks firewalls and Panorama use digital certificates. Each certificate contains ...