Palo Alto Networks Knowledgebase: SSL Certificates with HTTPS CRL

SSL Certificates with HTTPS CRL

2833
Created On 02/07/19 23:40 PM - Last Updated 02/07/19 23:41 PM
Device Management Initial Configuration Installation QoS Zone and DoS Protection
Resolution

Symptom

Use of an SSL Certificate with HTTPS for the CRL results in the SSL Certificate not being used.

 

Cause

The CRL checking process does not have the facility to support HTTPS calls, and thus will return an error:
[OCSP] Certificate status is unknown: depth:0


Resolution

CRL's that use HTTP are supported. Use SSL Certificates that utilize http for their CRL.

 

owner: jdelio



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cly0CAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language