Wrong Certificate used when SSL Decryption is enabled.
Created On 09/25/18 19:52 PM - Last Updated 02/18/20 23:08 PM
Untrusted certificate is presented to users when performing SSL decryption instead of the trusted certificate.
- Any NGFW
- SSL Decryption
- Any PAN-OS
This issue is likely caused by a problem loading certificates. Please examine the supervisor.log file vie the CLI with the following command:
> less mp-log supervisor.log
Look for errors similar to this:
mp\supervisor.log 04-30 17:17:19 Error: pan_ssl_load_tcas(pan_ssl.c:1555): an_ssl_load_ca_file() failed '/opt/pancfg/certificates/predefined/pan100.cer'