Hi Team, We are using self signed certificate for user authentication signed by self-signed CA cert on Palo Alto for our global protect. does my understanding below is correct regarding certificate expiration/renewal. 1. if CA cert expired while user cert still valid, user does not need to install renewed CA cert. we can renew the CA cert on palo alto and user will be able to connect to global protect again. 2. If we renew user certificate (i.e user cert is still valid and we renew for 1 year), user will need to install new renewed certificate. Thanks
... View more