Contact us at |support@ssldragon.com
  • install an ssl certificate on palo alto

How to install an SSL Certificate on Palo Alto Networks?

Friday, April 5th, 2019

This four-part guide provides quick instructions on how to generate a CSR Code and install an SSL Certificate on Palo Alto Networks. The first two sections focus on the technical aspect, while the latter segments contain a brief history of Palo Alto, as well as useful tips on where to buy the best SSL Certificate for Palo Alto Networks.

If you’ve already applied for an SSL certificate and generated the CSR code elsewhere, feel free to skip part one and jump straight to the installation guidelines. Use the links below to navigate between sections.

Generate a CSR code on Palo Alto Networks
Install an SSL Certificate on Palo Alto Networks
Test your SSL installation
Palo Alto Networks history
Where to buy the best SSL Certificate for Palo Alto Networks?

Generate a CSR code on Palo Alto Networks

You can’t get a commercial SSL Certificate without generating a CSR (Certificate Signing Request) first. Along with the CSR, you will also create your private key which will remain on your system. After the CSR generation, backup your private key file, you’ll need it during the SSL installation.

To generate CSR code for your Palo Alto Network system, please follow the steps below:

  1. Log into your Palo Alto Network Dashboard
  2. Select the Device tab, and in the left section expand the Certificate Management tree and click on Certificates
  3. Move your cursor to the bottom of the screen and click Generate
  4. The Generate Certificate window will appear. Please, enter the following information:
    • Certificate Type: choose Local
    • Certificate Name: give your SSL Certificate a friendly name
    • Common Name: enter the FQDN (fully-qualified domain name) you want to secure (e.g., yoursite.com)
    • Note: For a wildcard SSL Certificate, add an asterisk (*) in front of the domain name. For example,*.yoursite.com
    • Signed by: from the drop-down list, select External Authority (CSR)
    • Certificate Authority: Don’t check the radio button. Leave it blank
    • OCSP responder: leave the default setting
    • Algorithm: RSA
    • Number of bits: select 2048 bits
    • Digest: sha256
    • Expiration (days): leave this field blank
  5. Next, you need to fill in the Certificate Attributes. Click add to submit the required details:
    • Country: enter the two-letter ISO code of your country. For example, US
    • State: write the full name of the state where your company is registered. For instance, Hawaii
    • Locality: type the full name of the city where your business is located. For example, Honolulu
    • Organization: specify the full legal name of your company. For instance, Your Company LLC
  6. Verify the info you’ve just submitted and then click Generate
  7. A pop-up window message will confirm the creation of your CSR and private key files
  8. To export and save your CSR file, check the box next to the Certificate Name, and click Export at the bottom of the page
  9. You can open the CSR code with any text editor such as Notepad. During the SSL enrollment process, you’ll need to copy the CSR contents into the corresponding box on your SSL vendor’s page
  10. The private key will remain on the Palo Alto Network system.

Install an SSL Certificate on Palo Alto Networks

After your CA validates your SSL request and sends the necessary SSL files to your email, you can continue with the SSL installation.

Prepare your SSL files

Download the ZIP folder and extract your primary and intermediate certificates. To install them on Palo Alto, you will have to merge them into a single file. Here’s how to do it:

  1. Open your primary SSL Certificate and copy the full text including —–BEGIN CERTIFICATE—– and —– END CERTIFICATE —–tags
  2. Create a new plain text document and paste the certificate’s content. Make sure you haven’t left any white spaces or extra line breaks
  3. Now, open your intermediate certificate and copy-paste its contents in the new plain text document you’ve just created, right under your primary SSL Certificate.

    Note: If you receive more than one intermediate certificate from your CA, place the second intermediate cert under the first.

  4. Your new plain text Notepad document should look like this:
    —– BEGIN CERTIFICATE —–
    (SSL Certificate encrypted data)
    —– END CERTIFICATE —–
    —– BEGIN CERTIFICATE —–
    (Intermediate CA encrypted data)
    —– END CERTIFICATE —–
  5. Save your Notepad SSL file containing primary and intermediate certificates with the same name as your CSR file. Make sure it has the .cer extension.

Import your SSL Certificate

  1. Log into your Palo Network dashboard
  2. Select the Device tab, and in the left section expand the Certificate Management tree and click on Certificates
  3. At the bottom of the screen, click Import
  4. In the Import Certificate window, next to Certificate Name, enter the name of your SSL Certificate. It must be the same as the CSR name.
  5. Click Browse to locate your .cer SSL file. Don’t check the private key related radio buttons.
  6. Click OK.

Congratulations, you’ve successfully installed an SSL Certificate on Palo Alto Networks.

Test your SSL installation

After you install an SSL Certificate on Palo Alto Networks, it’s recommended to run a diagnostic test on your SSL configuration, to ensure that no SSL errors affect your site’s performance. With the help of these high-end SSL tools, you can get instant scans and reports on your SSL Certificate.

Palo Alto Networks history

Palo Alto Networks is an American cybersecurity company specializing in network security and cloud computing. Founded in 2005 by Israeli-American Nir Zuk, the company developed and shipped its first firewall product in 2007.

Palo Alto Networks offers the following products:

  • Next-generation firewalls
  • Panorama network security control center
  • Traps advanced endpoint protection
  • Wildfire cloud-based threat analysis service
  • Logging Service
  • Application Framework cloud-delivered service

In 2018, Palo Alto Networks was listed 8th in the famous Forbes Digital 100 ranking.

Where to buy the best SSL Certificate for Palo Alto Networks?

If you’re searching for affordable SSL Certificates, then SSL Dragon is your best SSL vendor. Our fast and user-friendly website will guide you through the entire range of SSL Certificates. All our products are signed by trusted Certificate Authorities and are compatible with Palo Alto Networks. We offer the following SSL validation types:

We bring you the best prices on the market and stellar customer support for any certificate you buy. And, if you’re struggling to find the perfect cert for your project, our SSL Wizard and Advanced Certificate Filter tools will give you quick suggestions.

If you find any inaccuracies, or you have details to add to these SSL installation instructions, please feel free to send us your feedback at [email protected]. Your input would be greatly appreciated! Thank you.