After receiving CA validates SSL files, you can continue with the SSL installation on Palo Alto Firewall.
Step 1: Prepare your SSL files
To install SSL files on Palo Alto, you have to merge them into a single file. Here’s how.
- Open your primary SSL Certificate (.crt file with randomized name) and copy the full text including —–BEGIN CERTIFICATE—– and —– END CERTIFICATE —–tags
2. Create a new plain text document and paste the certificate’s content. Make sure you haven’t left any white spaces or extra line breaks.
3. Now, open your intermediate certificate (gd_bundle.crt or similar) and copy-paste its contents in the new plain text document you’ve just created, right under your primary SSL Certificate.
Note: If you receive more than one intermediate certificate from your CA, place the second intermediate cert under the first.
4. Your new plain text Notepad document should look like this:
—– BEGIN CERTIFICATE —–
(SSL Certificate encrypted data)
—– END CERTIFICATE —–
—– BEGIN CERTIFICATE —–
(Intermediate CA encrypted data)
—– END CERTIFICATE —–
5. Save your Notepad SSL file containing primary and intermediate certificates with the same name as your CSR file. Make sure it has the .cer extension.
Step 2: Import your SSL Certificate
- Log into your Palo Network dashboard
- Select the Device tab, and in the left section expand the Certificate Management tree and click on Certificates.
- At the bottom of the screen, click Import.
4. In the Import Certificate window, next to Certificate Name, enter the name of your SSL Certificate. It must be the same as the CSR name.
5. Click Browse to locate your .cer SSL file. Don’t check the private key related radio buttons.
6. Click OK.
Step 3: Test your SSL
Option 1: Login the SSL website.
Option 2: After you have installed your SSL certificate, you can use GoDaddy SSL checker test tool.