Configure Certificate in Palos Alto Firewall

To configure certificate in Palo Alto Firewall, we may have two options: Generate a Certificate or Import a certificate if you already have a certificate on a device.

A. Generate a Certificate

  1. Logon PA firewall and go to Device>Certificate Management>Certificates

2. Click on Generate

3. Select Local (default) as the Certificate Type. Enter the information such as Certificate Name, Common Name.

4. In Certificate Attributes, Select the check boxes that correspond to the intended use of the certificate on the firewall. Then click on Generate.

5. If it is successfully generated the certificate, click OK and then Commit.

B. Import a Certificate and Private Key

If your company has been using a certificate on other devices, you can import it from the certificate authority (CA). Assuming you already export the certificate, here is the steps for importing the certificate to PA Firewall.

  1. Go to Device>Certificate Management>Certificates
  2. Click on Import.

3. Enter the information such as Certificate Name, Certificate File, Import Private Key.

4. Click O and then commit.

Published by

Bob Lin

Bob Lin, Chicagotech-MVP, MCSE & CNE Data recovery, Windows OS Recovery, Networking, and Computer Troubleshooting on http://www.ChicagoTech.net How to Install and Configure Windows, VMware, Virtualization and Cisco on http://www.HowToNetworking.com