Untrusted certificate is presented to users when performing SSL decryption instead of the trusted certificate.
This issue is likely caused by a problem loading certificates. Please examine the supervisor.log file vie the CLI with the following command:
> less mp-log supervisor.log
Look for errors similar to this:
mp\supervisor.log 04-30 17:17:19 Error: pan_ssl_load_tcas(pan_ssl.c:1555): an_ssl_load_ca_file() failed '/opt/pancfg/certificates/predefined/pan100.cer'
If certificate load errors are present, restart the firewall.
If the issue persists, re-install the PAN-OS version or contact support.