>
    Configure Certificate on the Device Using CLI Commands
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma
    3. Prisma SD-WAN
    4. Installation Workflow
    5. Understand Installation Workflow
    6. Configure Certificate on the Device Using CLI Commands
    Download PDF

    Configure Certificate on the Device Using CLI Commands

    Table of Contents

    Configure Certificate on the Device Using CLI Commands

    Update the CA chain on the ION device version older than 6.2.3-b2 release.
    Update the CA chain on ION devices running on software version older than 6.2.3-b2 release.
    1. Set up the controller chain file in the devices.
    2. Copy the ca chain file from the controller:
      /home/ubuntu/certs/cachain.cgnx.net.pem
    3. Replace or create the following files in the device, contact your Palo Alto Networks representative to update the CA certificate on the ION device.
      /config/certs/controller_ca_chain.pem
      /etc/certs/controller_ca_chain.pem
    4. Add the static host details to the device:
      config static host add ip <Controller_IP> name controller.local.cgnx.net
config static host add ip <Controller_IP> names locator.cgnx.net
config static host add ip <Controller_IP> names mfg.local.cgnx.net
config static host add ip <Controller_IP> names vmfg.local.cgnx.net
config static host add ip <Controller_IP> names toolkitsessions.local.cgnx.net
    5. Verify that the controller details are reflected in the device by executing the command dump overview.
    6. After verification, create machine by accessing the controller using the device ID.

    © 2024 Palo Alto Networks, Inc. All rights reserved.