How to Load a Certificate onto a Panorama with the API

How to Load a Certificate onto a Panorama with the API

6568
Created On 02/19/21 23:43 PM - Last Modified 04/06/23 19:56 PM


Objective


This article details uploading a certificate to the Panorama and assign it to a Template.

Environment


  • Panorama
  • SSL Certificate
  • Template environment

Procedure


  1. Upload the file (file has cert and key combined)
curl -k --form 'file=@<file_name>' 'https://<panorama>/api/?type=import&category=keypair&certificate-name=<cert_name>&format=pem&passphrase=<key_password>&key=<auth_key>'
  1. Get the cert after it was uploaded:
/api/?type=config&action=get&xpath=/config/panorama/certificate/entry[@name='<cert_name>']&key=<auth_key>
  1. Put the cert into a template:
/api/?type=config&action=get&xpath=/config/devices/entry[@name='localhost.localdomain']/template/entry[@name='<template_name>']/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/certificate&element=<element from previous get action>&key=<auth_key>

Additional Information


PAN-OS® and Panorama™API Usage Guide
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HCwrCAG&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language