>
    Configure Revocation Status Verification of Certificates
    Focus
    Download PDF
    Focus
    1. Home
    2. PAN-OS
    3. Certificate Management
    4. Set Up Verification for Certificate Revocation Status
    5. Configure Revocation Status Verification of Certificates
    Download PDF

    Configure Revocation Status Verification of Certificates

    Table of Contents
    End-of-Life (EoL)

    Configure Revocation Status Verification of Certificates

    The firewall and Panorama use certificates to authenticate users and devices for such applications as Captive Portal, GlobalProtect, site-to-site IPSec VPN, and web interface access to the firewall/Panorama. To improve security, it is a best practice to configure the firewall or Panorama to verify the revocation status of certificates that it uses for device/user authentication.
    1. Configure a Certificate Profile for each application.
      Assign one or more root CA certificates to the profile and select how the firewall verifies certificate revocation status.
      For details on the certificates that various applications use, see Keys and Certificates
    2. Assign the certificate profiles to the relevant applications.
      The steps to assign a certificate profile depend on the application that requires it.

    © 2024 Palo Alto Networks, Inc. All rights reserved.