Palo Alto Networks – SSL Installation

Palo Alto Networks - SSL InstallationLike the majority of server systems you will install your SSL certificate on the same server where your Certificate Signing Request (CSR) was created. Your private key will always be left on the server system where the CSR was originally created. Your SSL certificate will not work without this private key file. We will assume that this is the original system.

With Palo Alto Networks you will need to complete the pending request that was left on the system from when you created your CSR. Your certificate authority should have given you an Apache format or Other x509 type of SSL Certificate and Intermediate CA.

To install your SSL Certificate into Palo Alto perform the following.

Step 1: Downloading your SSL Certificate & its Intermediate CA certificate into one file:

  1. If you had the option of server type during enrollment and selected Apache or Other you will receive a x509/.cer/.crt/.pem version of your certificate within the email. Alternately you can access your Certificate User Portal by the supplied link in the email to pick up the x509 version of your certificate.
  2. Copy the SSL certificate and make sure to copy the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– header and footer. Ensure there are no white spaces, extra line breaks or additional characters.
  3. Use a plain text editor such as Notepad, paste the content of the certificate.
  4. If your intermediate CA certificate for your product is not in the body of the email you can access your Intermediate CA also in a link within that email. Copy and paste the contents of your Intermediate CA under your SSL Certificate. It should look something like this…
    —–BEGIN CERTIFICATE—–
    {SSL Certificate encoded data}
    —–END CERTIFICATE—–
    —–BEGIN CERTIFICATE—–
    {Intermediate CA  encoded data}
    —–END CERTIFICATE—-
    Note: You may only ever receive one Intermediate CA certificate depending on the CA SSL Certificate provider. If you receive more than one intermediate place the “second” (also known as chain or crossed signed) intermediate under the first.
  5. Save your Notepad file with your SSL Certificate and its Intermediate CA with any naming you like with a .cer extension.
    Note: The name of the file cannot contain spaces, as this may cause the import to fail.

Step 2: Importing your SSL Certificate:

  1. Log into your Palo Alto Network system.
  2. Go to Device > Certificate Management > Certificates.
  3. When importing your SSL certificate you must use the same Certificate Name used during CSR creation. You will see the status of the CSR request marked as Pending.
  4. Click the Import option at the bottom of the screen.
    Palo Alto Networks - SSL Installation
  5. In the Import Certificate window, type the name of the pending certificate. It must match exactly.
  6. Click browse to specify the name and path of the .cer SSL Certificate file you created.
    Note: Do not click the Import Private Key check box. The private key is already on the firewall.
  7. Click ok.
    Palo Alto Networks - SSL Installation
  8. The SSL Certificate will now appear as valid and will be ready for any function you desire on the Palo Alto Network system.
    Palo Alto Networks - SSL Installation

Congrats you have configured your Pulse Secure system with your new SSL Certificate.


If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports it.

Palo Alto Network Support:

For more information refer to Palo Alto

Recent Posts

S/MIME for Outlook O365 Windows

Add to Favorites S/MIME Advantages of S/MIME Certificates S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates offer several advantages when it comes to securing email communications. Here

Read More »

Abbreviations

Add to Favorites There are literally thousands of IT abbreviations out there. Many are concerned with the technical aspects of the computer, while others deal

Read More »

SSL Installation on Qmail

Add to Favorites SSL Installation on Qmail Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts.

Read More »