Forward Trust and Untrust Certificate are grayed out once the certificate has been added.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forward Trust and Untrust Certificate are grayed out once the certificate has been added.

L3 Networker

 

Hi, 

 

When trying to setup SSL decryption which requires enabling both “Forward Trust and Untrust Certificate”. The certificate has been added but the options are grayed out as shown.

what can be reasons?

Any idea would be appreciated. : )

 

 

patrick.PNG

1 ACCEPTED SOLUTION

Accepted Solutions

Hi,

 

If you can export your certificate with the private key as a PKCS#12 file then you can import this into the firewall.

 

https://www.paloaltonetworks.com/documentation/70/pan-os/pan-os/certificate-management/import-a-cert...

 

The firewall also supports import of a PEM file certificate.  If your key file is seperate you can import this at the same time as the PEM file.

 

hope this helps,

Ben

View solution in original post

4 REPLIES 4

L4 Transporter

Hello,

 

Have you also imported the key for this certificate? You will need this for the firewall to proxy the connection correctly.

 

Ben

Hi,

 

Thank you for your reply. Do you know how can i imported the key and which format of the certificate is better to use.

Sorry completely new in this.

 

Thanks

.

Hi,

 

If you can export your certificate with the private key as a PKCS#12 file then you can import this into the firewall.

 

https://www.paloaltonetworks.com/documentation/70/pan-os/pan-os/certificate-management/import-a-cert...

 

The firewall also supports import of a PEM file certificate.  If your key file is seperate you can import this at the same time as the PEM file.

 

hope this helps,

Ben

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!