0
0



Like the majority of server systems you will install your SSL certificate on the same server where your Certificate Signing Request (CSR) was created. Your private key will always be left on the server system where the CSR was originally created. Your SSL certificate will not work without this private key file. We will assume that this is the original system.

With Palo Alto Networks you will need to complete the pending request that was left on the system from when you created your CSR. Your certificate authority should have given you an Apache format or Other x509 type of SSL Certificate and Intermediate CA.

To install your SSL Certificate into Palo Alto perform the following.

Step 1: Downloading your SSL Certificate & its Intermediate CA certificate into one file:

  1. If you had the option of server type during enrollment and selected Apache or Other you will receive a x509/.cer/.crt/.pem version of your certificate within the email. Alternately you can access your Certificate User Portal by the supplied link in the email to pick up the x509 version of your certificate.
  2. Copy the SSL certificate and make sure to copy the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– header and footer. Ensure there are no white spaces, extra line breaks or additional characters.
  3. Use a plain text editor such as Notepad, paste the content of the certificate.
  4. If your intermediate CA certificate for your product is not in the body of the email you can access your Intermediate CA also in a link within that email. Copy and paste the contents of your Intermediate CA under your SSL Certificate. It should look something like this…
    —–BEGIN CERTIFICATE—–
    {SSL Certificate encoded data}
    —–END CERTIFICATE—–
    —–BEGIN CERTIFICATE—–
    {Intermediate CA  encoded data}
    —–END CERTIFICATE—-
    Note: You may only ever receive one Intermediate CA certificate depending on the CA SSL Certificate provider. If you receive more than one intermediate place the “second” (also known as chain or crossed signed) intermediate under the first.
  5. Save your Notepad file with your SSL Certificate and its Intermediate CA with any naming you like with a .cer extension.
    Note: The name of the file cannot contain spaces, as this may cause the import to fail.

Step 2: Importing your SSL Certificate:

  1. Log into your Palo Alto Network system.
  2. Go to Device > Certificate Management > Certificates.
  3. When importing your SSL certificate you must use the same Certificate Name used during CSR creation. You will see the status of the CSR request marked as Pending.
  4. Click the Import option at the bottom of the screen.
  5. In the Import Certificate window, type the name of the pending certificate. It must match exactly.
  6. Click browse to specify the name and path of the .cer SSL Certificate file you created.
    Note: Do not click the Import Private Key check box. The private key is already on the firewall.
  7. Click ok.
  8. The SSL Certificate will now appear as valid and will be ready for any function you desire on the Palo Alto Network system.

Congrats you have configured your Pulse Secure system with your new SSL Certificate.


If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports it.

Palo Alto Network Support:

For more information refer to Palo Alto

LoadingAdd to favorites

About SSLSupportDesk:

SSLSupportDesk is part of Acmetek who is a trusted advisor of security solutions and services. They provide comprehensive security solutions that include Encryption & Authentication (SSL), Endpoint Protection, Multi-factor Authentication, PKI/Digital Signing Certificates, DDOS, WAF and Malware Removal. If you are looking for security look no further. Acmetek has it all covered!

Contact an SSL Specialist to get a consultation on the Website Security Solutions that can fit your needs.

Become a Partner and create additional revenue stream while the heavy lifting for you.