I just ran into an issue while creating an External Dynamic List in Panorama 8.0. The source is a HTTPS address that requries a certificate profile for validation, so far so good. The problem is that I can't select any certificate profile, the list is empty. There's a certificate profile created under Device > Certificate Management > Certificate Profile for a template.
Any suggestion what can be wrong or how to do this in a correct way?
Solved! Go to Solution.
Thanks for posting in the community forums!
I tested this out.
Verify if the firewall is also running 8.0. I can replicate this behavior if the Panorama is 8.0 while the firewall is pre-8.0. Secondly, check from the firewall itself, if you are able to create a EDL(with https link) and associate a certificate profile. This is an excerpt from the Admin Guide of the Panorama:
Hope this helps.
I ran into the same issue. Seems to be a design issue depending on your device group hierarchy. In my case my firewalls are in a DG under an organizational DG. For example shared > datacenter firewalls > data center A. The issue is that I am managing security policy in the "datacenter firewalls" DG, which doesn't have any devices assigned to it - this is the issue. But I'm not able to create an EDL in the "datacenter firewalls" DG and reference a cert file from the template. I hope Palo dev fixes this.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The Live Community thanks you for your participation!