Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
02-20-2022 12:19 AM
Hi Guys,
I'm the first time to renew our GP VPN device certificates. But my certificates just expired today.
And I checked our old device certificates, it doesn't have the "CA".
When I renew it, do I need to import certificates ".pem" file or "pkcs12"? I don't want to change any current VPN configuration.
I have totally no idea how to do it. Thanks a lot!
02-20-2022 11:28 PM
Hi,
Read this below thread you have an answer
Regards
Basavaraj
02-20-2022 11:28 PM
Hi,
Read this below thread you have an answer
Regards
Basavaraj
02-21-2022 12:18 AM
Hi Basavaraj,
Yes. I saw this solution. My old certificates were purchased from RapidSSL. If I purchase new certificates (same domain) with new CSR/Private key from RapidSSL. Is it change other settings? My Global Protect VPN set in the AWS. Thanks.
02-21-2022 12:58 AM
Hi,
there are no settings going to be changed in the VPN configurations, you generate the new CSR and get it signed by your CA and bind the certificate with your CSR in the Palo alto firewall. after that, you can map it to your SSL/TLS profile and test it.
Regards
Basavaraj
02-21-2022 02:56 AM
Hi Kevin,
may I know what settings are you referring to?
There won't be any changes as long your VPN configuration is concerned, you have to map the new certificate in the SSL/TLS profile once you import the new certificate, only that is the change you will have to do as for as I know
Regards
Basavaraj
02-22-2022 08:42 AM
"Kevin" appears to be a bot account posting generic replies to build reputation and post spam links. The forums have been overrun by them the last few days.... "Kevin's" new account has posted 5 times in the week since being set up, 4 of which were posted/edited to include credit/payment card spam/phishing links.
02-22-2022 09:09 AM
Hi Adrian,
Thank for you letting me know, I will be a little careful going forward
Regards
Basavaraj
03-18-2024 05:45 AM
I saw this solution. My old certificates were purchased from RapidSSL.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
