{"id":17,"date":"2024-08-13T09:08:46","date_gmt":"2024-08-13T13:08:46","guid":{"rendered":"https:\/\/www.mechbay.us\/?p=17"},"modified":"2024-08-13T09:12:03","modified_gmt":"2024-08-13T13:12:03","slug":"manage-lets-encrypt-with-panw","status":"publish","type":"post","link":"https:\/\/www.mechbay.us\/index.php\/2024\/08\/13\/manage-lets-encrypt-with-panw\/","title":{"rendered":"Manage Let’s Encrypt With PANW"},"content":{"rendered":"\n

Using Let’s Encrypt in the lab to decrypt traffic traversing a Palo Alto Networks firewall. It was much easier to automate than I thought.

First, I just set WACS to store the certificate on disk when it does the renewal. Then a few commands using the firewall API<\/p>\n\n\n\n

\n
curl -F \"file=@c:\\pathtocertificate.pfx\" \"https:\/\/test.domain.com\/api\/?key=<APIKEY>&type=import&category=keypair&certificate-name=LECert&format=pkcs12&passphrase=<passphrase>

curl \"https:\/\/test.domain.com\/api\/?key=<APIKEY>&type=commit&cmd=<commit><\/commit>\"<\/code><\/pre>\n<\/blockquote>\n\n\n\n
If you get credential errors when trying to generate the API key, try to URL encode any special characters you have in your password.  And when curl gives you SSL errors, use the -k switch.<\/p>\n","protected":false},"excerpt":{"rendered":"
Using Let’s Encrypt in the lab to decrypt traffic traversing a Palo Alto Networks firewall. It was much easier to automate than I thought. First, I just set WACS to store the certificate on disk when it does the renewal. Then a few commands using the firewall API If you get credential errors when trying […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-17","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.mechbay.us\/index.php\/wp-json\/wp\/v2\/posts\/17","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mechbay.us\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mechbay.us\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mechbay.us\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mechbay.us\/index.php\/wp-json\/wp\/v2\/comments?post=17"}],"version-history":[{"count":3,"href":"https:\/\/www.mechbay.us\/index.php\/wp-json\/wp\/v2\/posts\/17\/revisions"}],"predecessor-version":[{"id":20,"href":"https:\/\/www.mechbay.us\/index.php\/wp-json\/wp\/v2\/posts\/17\/revisions\/20"}],"wp:attachment":[{"href":"https:\/\/www.mechbay.us\/index.php\/wp-json\/wp\/v2\/media?parent=17"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mechbay.us\/index.php\/wp-json\/wp\/v2\/categories?post=17"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mechbay.us\/index.php\/wp-json\/wp\/v2\/tags?post=17"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}