We need to integrate Saml With Global Protect .We have done the saml configuration in azure perfectly fine.We have exported the metadata file from azure and inported in PA NGFW successfully.We need to achieve through IDP certifcate but the issue is we are unable to add the IDP certificate in authentication profile in certificate for signing request.
The IDP certificate is also imported when we import the metadata file.
The certificate you select in the auth profile identifies the local firewall to the IDP (Azure) so you need to select a certificate you have the private key for. If you look at your certs, you need one where you have the private key, and if you dont, generate a test cert. You should then be able to select that certificate to sign the request that the firewall sends to Azure. I cant remember if you need to also upload the public cert to Azure.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!