The firewall and Panorama use certificates
to authenticate users and devices for such applications as Captive Portal,
GlobalProtect, site-to-site IPSec VPN, and web interface access
to the firewall/Panorama. To improve security, it is a best practice
to configure the firewall or Panorama to verify the revocation status
of certificates that it uses for device/user authentication.