This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Certificate Expiry

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Certificate Expiry

Sanjay_Ramaiah
L4 Transporter

‎06-18-2024 05:46 AM

Hi All,

I am trying to import the Azure SAML certificate to use it in the Identity Provider Certificate as it is expiring this Thursday. But i am getting the attached error. Does it mean do i need to delete the existing one and then import it? I have the Pem format and Base64 format but error is same when i import. Certificate extention is .cer.

Am i making anything wrong here? GP authentication will stop on Thursday so need quick help on this please.

 

Regards,

Sanjay S

0 Likes Likes
1 REPLY 1

kiwi
Community Team Member

‎06-20-2024 01:13 AM

Hi @Sanjay_Ramaiah ,

 

I don't see any attached error.  Could you provide more info ?

 

Steps to import a new Azure SAML certificate

 

Step 1 - Add a CA-Issued certificate as IdP Certificate on Azure AD

 

Generate a certificate using your enterprise Certificate Authority. Follow instructions from Azure AD to add a new CA-issued certificate https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/manage-certificates-for-federate....

Please delete the old certificate before you export the IdP metadata to complete the next step.

 

Step 2 - Import metadata and enable Validate Identity Provider Certificate on PAN-OS

 

Ask your IdP administrator for IdP metadata. Import the IdP metadata into PAN-OS and/or Panorama and ensure that the Validate Identity Provider Certificate checkbox is enabled. Click OK. Create a Certificate Profile using the same CA certificate that has issued the IdPs certificate. Add the newly created IdP Server Profile and Certificate Profile to your SAML Authentication Profile. Commit the configuration to Panorama and/or the firewall.

 

Kind regards,

-Kim.

LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.
0 Likes Likes
  • 289 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks