Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
>
Clear
Generate a Private Key and Block It
Updated on
Fri Oct 27 17:38:42 UTC 2023
Focus
Download PDF
Updated on
Fri Oct 27 17:38:42 UTC 2023
Focus
Home
PAN-OS
Decryption
Block Private Key Export
Generate a Private Key and Block It
Download PDF
Generate a Private Key and Block It
Table of Contents
Filter
Expand All
|
Collapse All
Next-Generation Firewall Docs
Getting Started
Administration
Version
Cloud Management of NGFWs
PAN-OS 10.0 (EoL)
PAN-OS 10.1
PAN-OS 10.2
PAN-OS 11.0
PAN-OS 11.1 & Later
PAN-OS 9.1 (EoL)
Networking
Version
PAN-OS 10.1
PAN-OS 10.2
PAN-OS 11.0
PAN-OS 11.1 & Later
AIOps
Incidents & Alerts
Release Notes
Version
Cloud Management and AIOps for NGFW
PAN-OS 10.0 (EoL)
PAN-OS 10.1
PAN-OS 10.2
PAN-OS 11.0
PAN-OS 11.1
PAN-OS 11.2
PAN-OS 8.1 (EoL)
PAN-OS 9.0 (EoL)
PAN-OS 9.1 (EoL)
End-of-Life (EoL)
Previous
Block Private Key Export
Next
Import a Private Key and Block It
Generate a Private Key and Block It
Secure private keys that you generate on PAN-OS devices by blocking key export.
Block the export of a private key to prevent its misuse after generating a certificate.
Select
Device
Certificate Management
Certificates
Device Certificates
.
If there is more than one virtual system, select a
Location
or
Shared
for the certificate.
Generate
the certificate.
Select
Block Private Key Export
to prevent anyone from exporting the certificate.
See
Generate a Certificate
for information about the other certificate fields.
Click
Generate
to generate the new certificate.
You can also generate a certificate and block its private key from export using the operational CLI command:
admin@pa-220> request certificate generate block-private-keys yes
The preceding CLI command can also include the certificate and other parameters that are not shown.
Previous
Block Private Key Export
Next
Import a Private Key and Block It