Forward Trust and Untrust Certificate are grayed out once the certificate has been added.

Reply
L3 Networker

Forward Trust and Untrust Certificate are grayed out once the certificate has been added.

 

Hi, 

 

When trying to setup SSL decryption which requires enabling both “Forward Trust and Untrust Certificate”. The certificate has been added but the options are grayed out as shown.

what can be reasons?

Any idea would be appreciated. : )

 

 

patrick.PNG

L4 Transporter

Re: Forward Trust and Untrust Certificate are grayed out once the certificate has been added.

Hello,

 

Have you also imported the key for this certificate? You will need this for the firewall to proxy the connection correctly.

 

Ben

L3 Networker

Re: Forward Trust and Untrust Certificate are grayed out once the certificate has been added.

Hi,

 

Thank you for your reply. Do you know how can i imported the key and which format of the certificate is better to use.

Sorry completely new in this.

 

Thanks

L3 Networker

Re: Forward Trust and Untrust Certificate are grayed out once the certificate has been added.

.

L4 Transporter

Re: Forward Trust and Untrust Certificate are grayed out once the certificate has been added.

Hi,

 

If you can export your certificate with the private key as a PKCS#12 file then you can import this into the firewall.

 

https://www.paloaltonetworks.com/documentation/70/pan-os/pan-os/certificate-management/import-a-cert...

 

The firewall also supports import of a PEM file certificate.  If your key file is seperate you can import this at the same time as the PEM file.

 

hope this helps,

Ben

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!