08-11-2014 08:24 AM
I will check this out
08-11-2014 08:34 AM
By public you mean a cert purchased by a 3rd party and I don't believe we have a CA server
08-11-2014 08:50 AM
Good information thanks. We currently have a self signed cert for our global protect and I want to change it to a third party. I assume it only has to be imported to the PA device and does not have to be on a pc that has the GP client installed
08-11-2014 08:53 AM
Yes, that is correct. During the SSL handshake, PAN will push the certificate information to the client.
Thanks
08-11-2014 08:56 AM
This is what is currently configured
08-11-2014 11:31 AM
Hi Infotech
You will; be probablyh faced with intermediary cert problem, so here You are solution:
How to Install a Chained Certificate Signed by a Public CA
Regards
SLawek
08-11-2014 11:39 AM
This looks like instrucations on how to install it on a server
08-11-2014 12:02 PM
yes, PAN is a server for GP, please follow Importing Chained PEM Format Certificates - Using Text Editor and import Your cert into PAN.
You can verify is that properly configured using SSL Checker - SSL Certificate Verify
Regards
Slaweke
08-11-2014 12:04 PM
So you have to do like for any server that has a cert on it export the existing key, send it to a 3rd party vendor,get anothe key and import it onto the PA
08-11-2014 12:15 PM
I think this link I found inside one of the responses is what I really need
How to Generate a CSR(Certificate Signing Request) and Import the Signed Certificate
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
