The following error appears after a commit or a high severity system log event:
Key generation operation failed - RSA.Detail of system event:domain: 1receive_time: 2014/11/11 09:13:53serial: 012345678seqno: 11128actionflags: 0x0type: SYSTEMsubtype: generalconfig_ver: 0time_generated: 2014/11/11 09:13:53vsys: vsys1eventid: generalobject:fmt: 0id: 0module: generalseverity: highopaque: Key generation operation failed - RSA
This error only appears when FIPS (Federal Information Processing Standards 140-2) mode is enabled and:
This error is only a notification that the certificates are not FIPS compliant, but they are not service impacting.
Per the Admin Guide, requirements when enabling FIPS mode:
Any certificates that are inside of the configuration, used or not, need to match the FIPS requirements. Any certificates or SSH Key based authentication need to be 2048 bit or higher.
Contact Palo Alto Networks Support if any assistance is needed to resolve this issue.