Palo Alto Networks Knowledgebase: Unable to Access Web Console via HTTP or HTTPS

Unable to Access Web Console via HTTP or HTTPS

19230
Created On 02/08/19 00:03 AM - Last Updated 02/08/19 00:04 AM
Resolution

Issue

Unable to access web console via HTTP or HTTPS. Access via SSH is possible.

 

Resolution

This could be due to the absence of the Web GUI certificate. Since SSH access is possible, a new certificate can be created from the CLI. The following command will generate a certificate named webuicertdemo with a FQDN of panlab.com:

> request certificate generate certificate-name webuicertdemo name panlab.com

 

To make use of this certificate for Web-UI purpose, enter the following command:

> configure
# set deviceconfig system web-server-certificate webuicertdemo
# commit
# exit

 

Starting from PAN-OS 7.0 the procedure is slightly different:

 

> request certificate generate ca yes certificate-name <cert name> name <IP or FQDN> algorithm RSA rsa-nbits 2048

> configure

# set shared ssl-tls-service-profile <profile name> certificate <cert name> protocol-settings min-version tls1-0 max-version tls1-2
# set deviceconfig system ssl-tls-service-profile <profile name>
# commit
# exit

 

owner: bpappas



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cli0CAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language