1. Home
    2. PAN-OS
    3. PAN-OS® and Panorama™ API Guide
    4. PAN-OS XML API Request Types
    5. Export Files (API)
    6. Export Certificates and Keys

    Export Certificates and Keys

    Use the following procedure to export certificates and keys.
    1. To export certificates and keys, specify query parameters
      certificate-name
      ,
      format
      , and
      passphrase
      : 
      https://

							
      <firewall>
      /api/?key=
      <apikey>
      &type=export&category=<certificate>

							&certificate-name=

							
      <certificate_name>
      

							&passphrase=

							
      <passphrase>
      

							&format=<pkcs12><pem><pkcs10>&include-key=<yes><no>&vsys=<vsys>

							<omit this parameter to import it into a shared location>
      • certificate-name
        —name of the certificate object on the firewall
      • passphrase
        —required when including the certificate key
      • format
        —certificate format:
        pkcs12
        ,
        pem
        , or
        pkcs10
      • include-key
        —yes or no parameter to include or exclude the key
      • vsys
        —virtual system where the certificate object is used. Ignore this parameter if the certificate is a shared object.
      You can use the example above to export a certificate signing request (CSR). If you do so, then specify the following two parameters as shown:
      • format
        pkcs10
      • include-key
        no
    2. Confirm that the XML response includes the certificate:
      -----BEGIN CERTIFICATE-----

							MIIDXTCCAkWgAwIBAgIJAJC1HiIAZAiIMA0GCSqGSIb3Df

							BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVx

							aWRnaXRzIFB0eSBMdGQwHhcNMTExMjMxMDg1OTQ0WhcNMT

							<!-- TRUNCATED -->

							-----END CERTIFICATE-----

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2021 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo