Import global sign root CA

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Import global sign root CA

L3 Networker


I'am setting up global protect. The customer has a global sign certificate to use with the Global Protect. But I have to select the root ca in the Global Protect configuration. On the website from Global sign I can copy the certificate but can I import this in some way on the Palo Alto?

Or how should I do this?




L5 Sessionator

Hello Kevin,

Certificates can be imported from WebUI under Device tab > Certificates > Import Certificate.

If it is a PEM file then would you would require a separate key file to be imported along with the certificate. If it is a PKC12 file and since the key is inbuilt, only certificate import in that aspect should suffice.

Please refer to the following document from page 18-21 for configuring certificates in Global Protect. The rest of the document also gives you a very good illustration of Global Protect's working and configuration.


L5 Sessionator

If you want to import certificate to Palo Alto device you can go under Device -> Certificate, then at the bottom you have Import, go ahead and import the cert and use it for GP. Let us know if this is what you wanted to know.

L3 Networker

Yes I know how to import it. But question is where I could find from GlobalSign the right formatted file to import. Because I need to configure the root CA in the portal client config. But without it I think the Global protect was working yesterday.

  • 3 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!