SSL Certificate renewal query

Reply
Highlighted
L4 Transporter

SSL Certificate renewal query

We got certificate tree like this:

the public certificate (Trusted root CA) from Digicert, Intermediate cert (Digi root) and then the SSL/TLS cert (DigiVPN). This DigiVPN is going to expire soon and we use it for GP portal and GW. The server cert is by itself and got a tick next to CA column. It is valid till 2023 and used as cert profile in GP.

 

Just want to know if DigiVPN certificate has to be installed on each client/end machines or only required to be updated/renewed on Panorama.

Thanks in advance.

 


Accepted Solutions
Highlighted
Cyber Elite

Hello,

The certificate just needs to be trusted by the client machine. So as long as the client has a way to validate it, in this case reaching out to DIgiCert, you should be OK. Meaning you dont have to install it on every client. When it expires, just renew it and install it on the PAN and change the config on the PAN to use the new cert.

 

Hope that helps.

View solution in original post


All Replies
Highlighted
Cyber Elite

Hello,

The certificate just needs to be trusted by the client machine. So as long as the client has a way to validate it, in this case reaching out to DIgiCert, you should be OK. Meaning you dont have to install it on every client. When it expires, just renew it and install it on the PAN and change the config on the PAN to use the new cert.

 

Hope that helps.

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!