1
0



Both Apache and Palo Alto Networks uses x509 pem/crt/cer certificate files for its configurations. You will follow these steps to copy, move and import your files from Apache to Palo Alto Networks system.

Apache systems are very customizable. The directory location and naming of the individual files needed vary depending on your personalized system. Below are generalized instructions. You will have to apply these examples to your own environment. 

We will start by assuming that you have already successfully installed the SSL certificate on one Apache web server.

Step 1: Finding/converting your SSL certificate and key file on Apache:

  1. Referencing the httpd.conf or ssl.conf  file on the Apache system look for the location and directories of the three files necessary on the Apache system that has the installed SSL certificate. “Of course remember your naming’s of these files and their directories MAY differ”
    • SSLCertificateFile /usr/local/ssl/crt/public.crt
      SSLCertificateFile tells Apache how to find the the SSL certificate file.
    • SSLCertificateKeyFile /usr/local/ssl/private/private.key
      SSLCertificateKeyFile tells Apache how to find the private key file.
    • SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt
      SSLCertificateChainFile
      or SSLCACertificateFile tells Apache the location of the Intermediate file.
      apache

  2. Copy these three files and back them up on a removable media USB drive or an alternate drive directory that can be accessed by the Palo Alto Networks system you are moving to.
  3. Change the extensions of your  public.crt and your intermediate.crt files to the appropriate .cer extension i.e. public.cer & intermediate.cer

Step 2: Importing your SSL Certificate into Palo Alto Networks:

  1. Log into your Palo Alto Network system.
  2. Go to Device > Certificate Management > Certificates.
  3. When importing your SSL certificate you must use the same Certificate Name used during CSR creation. You will see the status of the CSR request marked as Pending.
  4. Click the Import option at the bottom of the screen.
  5. In the Import Certificate window, under Certificate Name specify a name of your choice.
  6. On Certificate File, click browse to specify the name and path of the public.cer SSL Certificate file you created.
  7. From the File Format drop down, make sure Base64 Encoded Certificate (PEM) is selected.
  8. Select Import private key
  9. Under Key File click browse to specify the location and path of your private.key file.
  10. If your private.key has a Passphrase associated with it specify this within the Passphrase and Confirm Passphrase fields.
  11. Click ok.
  12. The SSL Certificate will now appear as valid and will be ready for any function you desire on the Palo Alto Network system.

Congrats you have configured your Pulse Secure system with your new SSL Certificate.


If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports it.

Palo Alto Network Support:

For more information refer to Palo Alto

LoadingAdd to favorites

About SSLSupportDesk:

SSLSupportDesk is part of Acmetek who is a trusted advisor of security solutions and services. They provide comprehensive security solutions that include Encryption & Authentication (SSL), Endpoint Protection, Multi-factor Authentication, PKI/Digital Signing Certificates, DDOS, WAF and Malware Removal. If you are looking for security look no further. Acmetek has it all covered!

Contact an SSL Specialist to get a consultation on the Website Security Solutions that can fit your needs.

Become a Partner and create additional revenue stream while the heavy lifting for you.