Palo Alto Networks Knowledgebase: How to Perform Client Certificate Install for SSL Decryption

How to Perform Client Certificate Install for SSL Decryption

10404
Created On 02/07/19 23:58 PM - Last Updated 02/07/19 23:58 PM
Certificate Management
Resolution

Steps

  1. Export certificate from the Palo Alto Networks firewall
    1. Go to Device > Certificate Management > Certificates
    2. Under the Device Certificates tab, select the certificate to export
    3. Click the Export button
      Screen Shot 2014-03-03 at 3.42.06 PM.png
  2. Install the certificate on the client system
    1. Double-click on the certificate
    2. Click Install Certificate to launch the Certificate Import Wizard
      Screen Shot 2014-03-03 at 3.44.34 PM.png
    3. On the Certificate Store page, check "Place all certificates in the following store"
    4. Click Browse and select "Trusted Root Certification Authorities"
      Screen Shot 2014-03-03 at 3.45.26 PM.png
    5. Click Next and then Finish
    6. Click Yes when the Security Warning appears
      Screen Shot 2014-03-03 at 3.46.03 PM.png
    7. Click OK on the success dialog
      Screen Shot 2014-03-03 at 3.46.17 PM.png

Verification

Chrome browser

  1. Enter Settings page
    Screen Shot 2014-03-03 at 3.46.47 PM.png
  2. Click "Show advanced settingsā€¦" at the bottom of the page
  3. Scroll down to HTTPS/SSL and click "Manage certificatesā€¦"
    Screen Shot 2014-03-03 at 3.47.36 PM.png
  4. Go to the Trusted Root Certification Authorities tab and verify the imported certificate
    Screen Shot 2014-03-03 at 3.48.46 PM.png

Internet Explorer browser

  1. Bring up the Internet Options dialog
  2. Go to the Content tab
  3. Click Certificates
  4. Go to the Trusted Root Certification Authorities tab and verify the imported certificate
    Screen Shot 2014-03-03 at 3.49.40 PM.png

owner: wtam



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClXpCAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language