Hi folks, I am starting my journey to configure Global Protect VPN. First I am trying to create/install a SSL certificate from my internal Microsoft CA. I see articles for subordinate, but I do not have that. Just a stand alone Microsoft CA. This article indicates that I need to eventually export the certificate (after submitting csr to CA and downloading) in .pfx format to then convert to .pem format, before installing on the Palo Alto. https://live.paloaltonetworks.com/t5/Learning-Articles/How-to-Create-Subordinate-CA-Certificates-with-Microsoft/ta-p/58046 I've generated the CSR on my PA 200 and submitted to my CA, but do not have the options to export the private key and save in .pfx format. I've attached my process. Anyone have suggestions? Pasted to Microsoft CA using Web Server template. Download certificate chain. Import .p7b to a sample Windows server so that I may then export immediately after as .pfx. After import, export immediately to .pfx. But not able, greyed out.
... View more