Third party SSL cert for Global Protect

Showing results for 
Search instead for 
Did you mean: 

Third party SSL cert for Global Protect

L1 Bithead

I have a third party (Network Soluitions SSL cert that expires in 2023 but validation not past July 22nd of 2022.  What is the process from start to finish with the cert and on the firewall?  I'm assuming I need to have NS reissue another cert with another request and then follow this article but just wanted to confirm these are the steps?


Thank You


That would do it...


Once you have changed the SSL/TLS Certificate Profile to use the new certificate, you can delete the old certificates. It may take several minutes for the profile changes to take effect and your web management interface/etc may be temporarily unreachable while the web services restart. Once it has changed over you can delete the old certificate. If the old certificate is used somewhere else in the config the PA won't let you delete it until it has been fully remove.

L2 Linker



Here is a good resource for all things global protect related.  Resource List: GlobalProtect Configuring and Troubleshooting - Knowledge Base - Palo Alto Networks


This is the guide I would follow for your use case.  Found it in the cert section of the above link.  I hope this helps.  How to Generate a CSR (Certificate Signing Request) & Import th... - Knowledge Base - Palo Alto Netw...

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!