URL Overide SSL Cert

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

URL Overide SSL Cert

L3 Networker

Palo Team,

 

For URL override, do you need to use an SSL Cert signed by an internal CA? Or can I use an SSL from a public authority like Go Daddy?

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRdCAK

1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

@Schneur_Feldman,

Either one would technically work without issue, but keep in mind that you need to have the SAN as the IP that you utilize to prevent browsers from complaining about the certificate. In that event, it's usually not an option to use a public CA since you're going to need that to be an internal IP address. In the event that you're using public IPs that's not an issue. 

View solution in original post

1 REPLY 1

Cyber Elite
Cyber Elite

@Schneur_Feldman,

Either one would technically work without issue, but keep in mind that you need to have the SAN as the IP that you utilize to prevent browsers from complaining about the certificate. In that event, it's usually not an option to use a public CA since you're going to need that to be an internal IP address. In the event that you're using public IPs that's not an issue. 

  • 1 accepted solution
  • 1084 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!