Creating a Mapped Secret
Create mapped secrets to use in decryption profiles to decrypt and inspect SSL/TLS traffic with SSL forward proxy or SSL Inbound inspection.
- Create a policy to contain the mapped secret.
- Set up certificate authentication using the Oracle Cloud Infrastructure Vault service to use in the mapped secret.
See Creating Network Firewall Policy Components for more information.
Important
Some names are reserved by Palo Alto Networks®. If you create a policy component with a reserved name, the process fails with an error. See Reserved Names.
Some names are reserved by Palo Alto Networks®. If you create a policy component with a reserved name, the process fails with an error. See Reserved Names.
Use the network-firewall mapped-secret create command and required parameters to create a mapped secret:
oci network-firewall mapped-secret create --name my_mapped_secret --source OCI_VAULT --network-firewall-policy-id network firewall policy OCID --compartment-id compartment OCID --type SSL_INBOUND_INSPECTION --vault-secret-ID secret OCID --version-number integer [OPTIONS]
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the CreateMappedSecret operation to create a mapped secret.