SIGNIFLOW

Discover our signature platform: sign and request signature for your PDFs in a fex clicks!

JOIN OUR AFFILIATE NETWORK

Join our affiliate network
and become a local SSL expert
Learn more about our program

PRODUCTS TO DISCOVER

SSL certificates Invoice signature eIDAS certificates Signature software

Menu
picture of tbs certificates
picture of tbs certificates
Certificates
ALL CERTIFICATES
SSL Extended Validation SSL Standard RGS certificates eIDAS certificates SSL ECC SSL wildcard SSL Multiple sites / SAN Quick and Dirty SSL
Specific certificates VMC certificates
E-signature Strong authentication S/MIME certificates
Test certificates PKI Solutions Trust Seals
SigniFlow: the platform to sign and request signature for your documents
Signature software
Our products range
TBS X509 DigiCert Thawte Sectigo GlobalSign GeoTrust Certigna ChamberSign SigniFlow Harica
Partners
Client login Customer accounts Open an account
Support
FAQ SHA256: Browsers' compatibility ECC: Browsers' compatibility
Focus
Invoices dematerialization
We now provide solutions compliant with RGS** and eIDAS qualified standards for invoices signature and time stamping. Further information


Generate a CSR for Palo Alto

Go to the Device - Certificate Management - Certificates - Device Certificatesmenu. If the appliance manages multile virtual systems (vsys), select the appropriate sytem via the Location menu.

Click Generate.

Enter a unique name for the certificate. If the certificat must be able for multiple vsys, check the Shared box.

In Signed By, select External Authority (CSR).

If you want to select an OCSP responder, it must have been previously created.

Now, configure the following certificate attributes:

  • CN: Common name / domain name / server name / FQDN:
    Indicate here your SSL server name, such as "secure.company.com", "www.my-domain.com" or "www.product.com". No IP address (learn more). No spaces nor blank characters.

    In the case you want to order a multiple-domains / SANs certificate, just enter the main address in the CSR. This one cannot be change during your certificate lifetime. Enter the other address to secure in the order form (those ones can be modified via reissuance).

    N.B.: Using certificates with internal names (xxx.local, yyy.priv, machine_name) or a domain that is not registered or controlled by IANA is disapproved by the CA/Browsers Forum and won't be accepted anymore by November 2015 (learn more).

  • O: Organisation / Company Name:
    indicate the corporate name of your company (no trade name or acronym), in uppercase preferably.

  • ST: State:
    in France indicate the name of the department where your company headquarters are based (not the number).

  • L: Location / City:
    indicate the city where your company headquarters are based.

  • C: Country:
    indicate FR if your company is in France, BE for Belgium, etc, in uppercase.

  • OU: Organisational unit / Department / Branch:
    We advise not to fill in this field or to enter a generic term such as "IT Department".

Click Generate. The Device Certificates list now contains an entry for your CSR with the state PendingSlect it and click Export to download your CSR.

See Also