recently i wanted to changed the web-gui certificate i followed the procedure on how to create a certificate in openssl ( for panos 4.x) the certificate created successfully. i event imported into the appliance but whenever i click on the checkbox Certificate for Secure Web GUI i receive the following error system -> web-server-certificate 'cert' is not a valid reference, do i have to upload the main CA cert before uploading the certificate i created ?...
appreciate the help.
You may want to ensure that they imported both keys. If you just imported the public key (certificate) it won't work. We need the private key to be able to be able to encrypt outbound data. Verify that the certificate you are importing is of the same key length/type and has the similar hash algorithm to the one generated by the firewall.
The certificate should be RSA 2048 with SHA1 hash. The firewall generates certificates with usage as: Digital Signature, Key Encipherment, Key Agreement, Certificate Signing, Off-line CRL Signing, CRL Signing (ae)
Hope that helps!
Thanks and regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!