How to implement CRL checking in SCM for Prisma Access Authentication

Created On 06/28/24 21:47 PM - Last Modified 08/02/24 02:38 AM


Objective


Implement certificate revocation list (CRL) checking in SCM for authentication in Prisma Access.

Environment


  • Strata Cloud Manager (SCM)
  • Prisma Access
  • Certificate Authentication


Procedure


  1. Log in to the Strata Cloud Manager (SCM) console.
  2. Navigate to Manage > Configuration > NGFW and Prisma Access. The configuration scope display opens.
  3. Change the Configuration Scope to Mobile Users Container.
  4. Click on Objects then click on Certificate Management.
  5. Under the Certificate Profile box, click on the profile that is being used for Portal and/or Gateway Authentication.
  6. Click on Show Advanced Options.
  7. Click on Use CRL.  
  8. Click on "Other Options" under the four Block Session options according to the needs of your security policy. 
  9. Click on Save at the bottom of the page to save the changes.


Additional Information


  • To fetch the CRL, the firewall reads the CA certificate from the certificate authentication chain used by the Portal or Gateway and retrieves the URL listed there for CRLs.
  • Certificate Management
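
To see which CRL URL each certificate in the chain lists before turning on Use CRL, the following added example (not part of the original article and not Palo Alto Networks tooling) prints the CRL Distribution Point URLs per certificate in a PEM chain file. It assumes the openssl CLI, version 1.1.1 or later; the function names, file names, sample certificates and the `crl.example.test` URL are constructed for illustration.

```shell
#!/bin/sh
# Added example: report the CRL URL(s) listed in each certificate of a PEM chain.
# Assumes the openssl CLI, version 1.1.1 or later (for -ext and -addext).

# Print the CRL Distribution Point URIs of one PEM certificate read from stdin.
crl_urls() {
    openssl x509 -noout -ext crlDistributionPoints 2>/dev/null |
        sed -n 's/^[[:space:]]*URI:\(.*\)$/\1/p'
}

# For every certificate in chain file $1, print "subject<TAB>urls", or NONE
# when the certificate lists no CRL URL at all.
chain_crl_report() {
    pem=""
    tr -d '\r' < "$1" | while IFS= read -r line || [ -n "$line" ]; do
        pem="$pem$line
"
        case $line in
        "-----END CERTIFICATE-----")
            subject=$(printf '%s' "$pem" | openssl x509 -noout -subject -nameopt RFC2253)
            urls=$(printf '%s' "$pem" | crl_urls | paste -sd, -)
            printf '%s\t%s\n' "${subject#subject=}" "${urls:-NONE}"
            pem="" ;;
        esac
    done
}

# Constructed sample input: two throwaway self-signed certificates, one with a
# CRL URL (crl.example.test is a placeholder) and one without, in one file.
make_sample_chain() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -keyout "$1/k1.pem" \
        -subj "/CN=Sample CA with CDP" -out "$1/with.pem" \
        -addext "crlDistributionPoints=URI:http://crl.example.test/ca.crl" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -keyout "$1/k2.pem" \
        -subj "/CN=Sample CA without CDP" -out "$1/without.pem" 2>/dev/null
    cat "$1/with.pem" "$1/without.pem" > "$1/chain.pem"
}

# Usage: sh crl_report.sh chain.pem   (no argument: run on the constructed sample)
if [ $# -gt 0 ]; then
    chain_crl_report "$1"
else
    tmp=$(mktemp -d) && make_sample_chain "$tmp" && chain_crl_report "$tmp/chain.pem"
    rm -rf "$tmp"
fi
```

A `NONE` entry means that certificate carries no CRL URL, so there is nothing for the lookup described above to retrieve from it.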

