Certificate Requirements for Panorama Interconnect

Certificate requirements for securing communication between the Panorama™ Controller and Panorama Interconnect.
To secure communication between the Panorama™ Controller and Panorama Nodes, make sure the certificates you use meet the following requirements:
  • A Certificate Authority (CA) responsible for issuing certificates to Panorama Nodes is required on the Panorama Controller. You can either Create a Self-Signed Root CA Certificate or Import a Certificate and Private Key to sign it. Please note you must configure the CA certificate in the
    Panorama
    tab in order to set up the Interconnect plugin.
  • Import a certificate or generate a unique certificate for each Panorama Node, The CA certificate on the Panorama Controller must issue the certificates that you use on the Nodes.
    • If you are importing a certificate to the Panorama Node, ensure that the certificate
      Common Name
      is the serial number of the Panorama Node.
    • The certificate must be in PKCS12 or PEM format and must include a private key so that the Panorama Nodes can authenticate successfully.

Related Documentation