OCSP responder question

Reply
Highlighted
L2 Linker

OCSP responder question

When you generate a certificate for your login page on the Palo Alto and it is signed by a self signed CA... if you created an OCSP reponder should that responder be added to the certificate when you create that certificate for the Palo Alto login page?

 

Thanks

 

Andy

Highlighted
Cyber Elite

Hello,

I would say yes, this way you can revoke the certificate and the PAN will stop trysuting it if required.

 

Hope that helps.

Highlighted
Cyber Elite

Hi @AndyYerger

 

If you select the created OCSP Responder when you create the certificate (not the Root CA, as the OCSP Respondet soes not apply there), then it will be added to the certificate.

https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/certificate-management/obtain-certif...

Highlighted
L2 Linker

Thank you for your reply.

 

Andy

Highlighted
L2 Linker

Thanks for the infor and reply

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!