https://live.paloaltonetworks.com/t5/next-generation-firewall/exploring-decryption-and-encryption-strategies-with-palo-alto/m-p/581890#M2901 <P>no, the firewall does not have this type of proxy functionality. it can only decrypt for inspection, not replace the server certificate or remove encryption entirely</P> Wed, 27 Mar 2024 14:38:23 GMT reaper 2024-03-27T14:38:23Z https://live.paloaltonetworks.com/t5/next-generation-firewall/exploring-decryption-and-encryption-strategies-with-palo-alto/m-p/581875#M2900 <P><SPAN>Is it possible for the Palo Alto firewall to decrypt inbound traffic and deliver decrypted text to the internal server? I don't want the traffic to be re-encrypted after PA analysis. </SPAN></P> <P>&nbsp;</P> <P><SPAN>Is it possible to decrypt inbound traffic and re-encrypt it with another certificate for internal delivery?</SPAN></P> Wed, 27 Mar 2024 13:51:08 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/exploring-decryption-and-encryption-strategies-with-palo-alto/m-p/581875#M2900 LeonardoMachado 2024-03-27T13:51:08Z https://live.paloaltonetworks.com/t5/next-generation-firewall/exploring-decryption-and-encryption-strategies-with-palo-alto/m-p/581890#M2901 <P>no, the firewall does not have this type of proxy functionality. it can only decrypt for inspection, not replace the server certificate or remove encryption entirely</P> Wed, 27 Mar 2024 14:38:23 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/exploring-decryption-and-encryption-strategies-with-palo-alto/m-p/581890#M2901 reaper 2024-03-27T14:38:23Z