How to Configure Firewall to Fetch EDL from Cortex XSOAR with Client Authentication

How to Configure Firewall to Fetch EDL from Cortex XSOAR with Client Authentication

650
Created On 07/04/24 08:06 AM - Last Modified 11/06/25 20:34 PM


Objective


Configure firewall to fetch EDL from Cortex XSOAR with client authentication

Environment


  • PAN OS device (standalone or Panorama Managed)
  • EDL from Cortex XSOAR with client authentication

Procedure


To configure firewall to fetch EDL from Cortex XSOAR with client authentication, follow the steps below,

  1. Export "Go Daddy Class 2 Certification Authority" certificate from PAN OS Default Trusted Certificate Authorities in PEM format.
  2. Import that certificate into Device Certificates.
  3. Add that certificate into Certificate Profile you used for Cortex XSOAR EDL. This is the only CA certificate that needs to be referred under Certificate Profile.
  4. Configure EDL and choose the certificate profile that you configured on previous step.
    Note:
    If this is Panorama managed firewall and you are required to configure EDL in shared location, configure the following via Panorama CLI,
    > configure
# set shared external-list <EDL_name> type <EDL_type> certificate-profile <cert-profile>
    and then push the configuration to the target managed firewall.

Additional Information
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000010zBeCAI&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail