topic Re: Device Certificates Intermediate Cert in General Topics

Device Certificates Intermediate Cert

roma — Mon, 23 Nov 2020 15:16:04 GMT

Hello,

On Device>Certificate Management>Certificates - I have a IntermediateCert, under the RootCert, that is expiring. I can easily renew it, (It's self signed), but I'm trying to understand what its being used for. I haven't found any information that easily explains it, (just basically how to install, renew, etc).

How can I find out what this certificate is for, whats using it and what its purpose is? Also what would the benefit be of not having it self signed?

Thanks.

Re: Device Certificates Intermediate Cert

BPry — Wed, 25 Nov 2020 04:45:25 GMT

@roma,

If you use the search feature in the GUI you can enter the certificate name and find any place that its referenced in the configuration. The reason that you wouldn't want to use a self-signed has everything to do with where you are using the certificate. So if you're using it for something public facing like GlobalProtect for BYOD you would want to be using a trusted certificate, but internal things like SSL Decryption you would generally just use a self-signed or something signed by your internal PKI system.