Pre-logon Fails with Issued Machine Certificate

Pre-logon Fails with Issued Machine Certificate

14111
Created On 09/25/18 18:50 PM - Last Updated 02/07/19 23:51 PM


Resolution

Issue

Pre-logon fails when the machine certificate is issued by customer's PKI. The following errors appear in the PanGPS.log:

Opened machine store

Skipped cert issued by <Isssuer Name>

Finished searching machine store.

Failed to find the cert issued by <Isssuer Name> in machine store

Resolution

The most likely cause of this issue is an empty subject field in the machine certificate. Make sure that the machine certificate used for pre-logon authentication has a non-empty subject.
Certificate.PNG

See also

GlobalProtect Configuration Tech Note

owner: ncackov



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClR8CAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language