How to check certificates details on Palo Alto Firewalls?

How to check certificates details on Palo Alto Firewalls?

15326
Created On 07/27/23 10:43 AM - Last Modified 07/28/23 21:48 PM


Objective


  • To see the certificate fields for an already existing certificate
  • There are  scenarios such as a PAN-OS upgrade to 10.2.x, that require that all certificates meet the following minimum requirements:
    • RSA 2048 bits or greater,
    • ECDSA 256 bits or greater
    • Digest of SHA256 or greater

Environment


  • Palo Alto Networks firewall and Panorama. 
  • Supported Pan-OS
  • Certificates

Procedure


  1. Go to GUI: Device > Certificates > Device Certificates > (select the certificate) > Click "Export Certificate"
Note: Some fields such as the certificate´s fingerprints that are not visible from the GUI. This is the reason for export
Certificate export.PNG
  1. Navigate to your download store and double-click on the certificate to open it. Then click on the details tab to be able to see all the configured parameters. 
certificate details.PNG
 

Additional Information


For more information, referer to the Certificate Management admin guide.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000XfnhCAC&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language