https://live.paloaltonetworks.com/t5/next-generation-firewall/can-i-use-a-certificate-from-another-device-in-my-decryption/m-p/614597#M4859 <P>Hi</P> <P>&nbsp;</P> <P>I plan to apply Vunerable Protection to the customer's firewall and at the same time decrypt outbound traffic.</P> <P>However, the customer's network environment already includes encryption and decryption equipment.</P> <P>And the customer wants to apply the certificate used in the existing device when applying the Decryption Policy in Palo Alto.</P> <P>&nbsp;</P> <P>I think this would definitely be possible</P> <P>However, I could not find the guide document provided by Palo Alto.</P> <P>Is it possible to apply other device's certificates to Palo Alto decryption rules as I think?</P> <P>&nbsp;</P> <P>&nbsp;</P> Fri, 25 Oct 2024 02:13:13 GMT Y.Choi597679 2024-10-25T02:13:13Z https://live.paloaltonetworks.com/t5/next-generation-firewall/can-i-use-a-certificate-from-another-device-in-my-decryption/m-p/614597#M4859 <P>Hi</P> <P>&nbsp;</P> <P>I plan to apply Vunerable Protection to the customer's firewall and at the same time decrypt outbound traffic.</P> <P>However, the customer's network environment already includes encryption and decryption equipment.</P> <P>And the customer wants to apply the certificate used in the existing device when applying the Decryption Policy in Palo Alto.</P> <P>&nbsp;</P> <P>I think this would definitely be possible</P> <P>However, I could not find the guide document provided by Palo Alto.</P> <P>Is it possible to apply other device's certificates to Palo Alto decryption rules as I think?</P> <P>&nbsp;</P> <P>&nbsp;</P> Fri, 25 Oct 2024 02:13:13 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/can-i-use-a-certificate-from-another-device-in-my-decryption/m-p/614597#M4859 Y.Choi597679 2024-10-25T02:13:13Z https://live.paloaltonetworks.com/t5/next-generation-firewall/can-i-use-a-certificate-from-another-device-in-my-decryption/m-p/614617#M4860 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/1194655993">@Y.Choi597679</a> ,</P> <P>&nbsp;</P> <P>Yes, you can import a <U>CA</U> certificate from another device into the Palo Alto to use as the Forward Trust Certificate for SSL Decryption.&nbsp; The customer probably wants to do that because the existing certificate is already trusted by the company PCs.</P> <P>&nbsp;</P> <P>Thanks,</P> <P>&nbsp;</P> <P>Tom</P> Fri, 25 Oct 2024 03:06:49 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/can-i-use-a-certificate-from-another-device-in-my-decryption/m-p/614617#M4860 TomYoung 2024-10-25T03:06:49Z https://live.paloaltonetworks.com/t5/next-generation-firewall/can-i-use-a-certificate-from-another-device-in-my-decryption/m-p/614634#M4861 <P>thank you for your reply</P> <P>Is there a guide document for setting up Forward Trust Certifcate with a certificate from another device?</P> <P>&nbsp;</P> <P>&nbsp;</P> Fri, 25 Oct 2024 04:06:58 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/can-i-use-a-certificate-from-another-device-in-my-decryption/m-p/614634#M4861 Y.Choi597679 2024-10-25T04:06:58Z