Hi,
Im trying to create cert based administrator access but the doc from Palo Alto refers to selfsigned CA, can i use a cert from third party provider. if there is any useful link or material on how this could be done would be helpful. Should i repeat the process for all administrators, can i use authentication profile which has Firewall Admins.
to set up this type of authentication to an external CA, you need to import the intermediate and root CA for the external CA, then create a certificate profile
In the Certificate profile you should add the CA cert that will be signing the client certificates, and also provide the OCSP/CRL information. Then go ahead just like the doc. (client certificates should have the admin username as CN)