Palo Alto Networks Knowledgebase: Wrong Certificate used when SSL Decryption is enabled.

Wrong Certificate used when SSL Decryption is enabled.

3859
Created On 08/05/19 20:23 PM - Last Updated 08/05/19 20:36 PM
Resolution

Symptoms

Untrusted certificate is presented to users when performing SSL decryption instead of the trusted certificate.

 

Resolution

This issue is likely caused by a problem loading certificates. Please examine the supervisor.log file vie the CLI with the following command:

> less mp-log supervisor.log

 

Look for errors similar to this:

 

mp\supervisor.log 04-30 17:17:19 Error: pan_ssl_load_tcas(pan_ssl.c:1555): 
an_ssl_load_ca_file() failed '/opt/pancfg/certificates/predefined/pan100.cer'

 

If certificate load errors are present, restart the firewall.

 

If the issue persists, re-install the PAN-OS version or contact support.

 

owner: bryan

 



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clg8CAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language