02-17-2018 03:23 PM - edited 02-17-2018 03:25 PM
When you generate a certificate for your login page on the Palo Alto and it is signed by a self signed CA... if you created an OCSP reponder should that responder be added to the certificate when you create that certificate for the Palo Alto login page?
Thanks
Andy
02-20-2018 09:14 AM
Hello,
I would say yes, this way you can revoke the certificate and the PAN will stop trysuting it if required.
Hope that helps.
02-20-2018 10:36 AM
Hi @AndyYerger
If you select the created OCSP Responder when you create the certificate (not the Root CA, as the OCSP Respondet soes not apply there), then it will be added to the certificate.
02-20-2018 09:54 PM
Thank you for your reply.
Andy
02-20-2018 09:54 PM
Thanks for the infor and reply
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
