When renewing a certificate that was generated by PANOS the SANs are lost

When renewing a certificate that was generated by PANOS the SANs are lost

13289
Created On 02/26/20 22:08 PM - Last Modified 06/24/25 19:16 PM


Symptom


  • The original certificate had the SANs field populated.
  • Renewal of this certificate cause the SAN field to disappear on the PANOS device.

Environment


  • PAN-OS
  • Certificate with  Subject Alternative Name (SAN)

Cause


System Limitation due to OpenSSL not supporting SAN when renewing certificate.

Resolution


The workaround is to Generate a new similar certificate with the desired SAN field.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000POqOCAW&lang=en_US%E2%80%A9&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language