Create a Certificate Profile for Authenticating Panorama Nodes

Set up authentication between the Panorama™ Controller and Panorama Nodes using Certificate Profiles.
Certificate profiles define which certificate authority (CA) certificates to use for verifying the Panorama Node certificates used to secure communication between the Panorama™ Controller and Panorama Nodes and to verify Panorama Node revocation status. A certificate profile is required to set up Panorama for large scale firewall deployments.
  1. Log in to the Panorama Web Interface of the Panorama Controller.
  2. Generate the Panorama Node Certificate used to secure communication between the Panorama Controller and Panorama Nodes. Repeat this step for all Panorama Nodes.
  3. Create a Certificate Profile.
    CRL
    and
    OCSP
    is currently not supported.
    1. Select
      Panorama
      Certificate Management
      Certificate Profile
      and
      Add
      a new Certificate Profile.
    2. Enter a
      Name
      for the Certificate Profile.
    3. Add
      the CA certificate created in Step 2.
    4. Click
      OK
      to finishing adding the Certificate Profile.
      panorama-interconnect-cert-profile.png
  4. Click
    Commit
    and
    Commit to Panorama
    .

Related Documentation