Create a Certificate Profile for Authenticating Panorama Nodes
Table of Contents
Expand all | Collapse all
Create a Certificate Profile for Authenticating Panorama Nodes
Set up authentication between the Panorama™ Controller
and Panorama Nodes using Certificate Profiles.
Certificate profiles define
which certificate authority (CA) certificates to use for verifying
the Panorama Node certificates used to secure communication between
the Panorama™ Controller and Panorama Nodes and to verify Panorama
Node revocation status. A certificate profile is required to set
up Panorama for large scale firewall deployments.
- Log in to the Panorama web interface of the Panorama Controller.Obtain the CA Certificate for the Panorama Controller.Generate the Panorama Node Certificate used to secure communication between the Panorama Controller and Panorama Nodes. Repeat this step for all Panorama Nodes.Create a Certificate Profile.CRL and OCSP is currently not supported.
- Select PanoramaCertificate ManagementCertificate Profile and Add a new Certificate Profile.Enter a Name for the Certificate Profile.Add the CA certificate you previously created.Click OK to finishing adding the Certificate Profile.Click Commit and Commit to Panorama.