Dynamic Update Fails with Image File Authentication Error Message

Dynamic Update Fails with Image File Authentication Error Message

Created On 09/25/18 19:38 PM - Last Modified 03/15/19 14:38 PM



Dynamic Updates fail with the following error message: "content update failed with the following messages: Image File Authentication Error Failed to extract rpm file /opt/pancfg/mgmt/content-images/tmp/panupv2-all-contents-313-1422.tgz".


Manually installing the update package will also result in the same error.





There are 3 different ways to resolve this issue. 


Solution 1 - Change update server

If you are using staticupdates.paloaltonetworks.com and running on PAN-OS 7.1.7, you need to change your update server

Inside of the WebGUI, Device > Setup > Services, change the update server from staticupdates.paloaltonetworks.com to updates.paloaltonetworks.com as a workaround.

Note:  Please be sure to ensure that you are not limiting the device via a security rule to access just the IP address of staticupdates.paloaltonetworks.com - (to be used for connectivity troubleshooting only), If so, you will have to adjust to the new IP/URL:

updates.paloaltonetworks.com - , commit and test.

2017-02-06_Update server.pngDevice > Setup > Services window showing the update server details.


Solution 2 - Remove updates and redownload them

Removing all the content updates and re-downloading them can also solve this issue.

You can perform this step via the WebGUI inside Device > Dynamic Updates 

Delete the updates through the GUI and see if you can run a "check now" and that it downloads the new update.  Then perform the commit and see if it completes without errors.

2017-02-06_delete update.pngDevice > Dynamic Update screen showing how to delete an update.

Via the CLI, please try deleting the content package with the below command and re-download and commit:


admin@myNGFW> delete content update 
  <value>  Filename


Solution 3 - Reinstall OS

As a last step, if the 2 other solutions do not help, then you can reinstall PAN-OS on the device.

To reinstall PAN-OS, follow the steps below:

  1. Backup the current configuration.
    Refer to Step 1 in the following document: How to Save an Entire Configuration for Import into Another Palo Alto Networks Device
  2. Reinstall the software, go to Device > Software and choose the desired PAN-OS version, and click Reinstall under Action:
    reinstall software.png
  3. Reboot the device.
  4. Check and Install latest Dynamic Update.


owner: rkalugdan 


P.S. Thanks for the contribution to this article. it helps us all.

- Live Community Team


  • Print
  • Copy Link


Choose Language