Backup:
Outage: None if the certificate is updated prior to the current certificate expiring.
- Remote onto MRS-RDP and open the digicert certificate utility.
2. Create CSR
3. Fill in the following information
4. Request a certificate from DigiCert by the CSR create. please refer to Request a certificate from Digicert
5. Install the download certificate into your computer
6. Export the certificate with private key
8. Import the key into Palo Alto by following the 4 steps below
9. Update the TLS profile using the current certificate, if you're unsure what is bound to the current certificate, click on the arrow to the right and above the current certificate, and then click "Global Find".
The SSL/TLS profile is found in Device > Certificate Management > SSL/TLS Service Profile.
10. Then update Azure Authentication Portals in Device > Authentication profile.
11. Once you have updated all components using the current certificate, click Commit, then preview commit changes, check that all changes are expected, if all good, validate the commit and then commit.