SSL Certificate renewal query

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

SSL Certificate renewal query

L4 Transporter

We got certificate tree like this:

the public certificate (Trusted root CA) from Digicert, Intermediate cert (Digi root) and then the SSL/TLS cert (DigiVPN). This DigiVPN is going to expire soon and we use it for GP portal and GW. The server cert is by itself and got a tick next to CA column. It is valid till 2023 and used as cert profile in GP.

 

Just want to know if DigiVPN certificate has to be installed on each client/end machines or only required to be updated/renewed on Panorama.

Thanks in advance.

 

1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

Hello,

The certificate just needs to be trusted by the client machine. So as long as the client has a way to validate it, in this case reaching out to DIgiCert, you should be OK. Meaning you dont have to install it on every client. When it expires, just renew it and install it on the PAN and change the config on the PAN to use the new cert.

 

Hope that helps.

View solution in original post

1 REPLY 1

Cyber Elite
Cyber Elite

Hello,

The certificate just needs to be trusted by the client machine. So as long as the client has a way to validate it, in this case reaching out to DIgiCert, you should be OK. Meaning you dont have to install it on every client. When it expires, just renew it and install it on the PAN and change the config on the PAN to use the new cert.

 

Hope that helps.

  • 1 accepted solution
  • 2522 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!