Unable download WildFire and any content package from update server with "generic communication error" due to certificate

Unable download WildFire and any content package from update server with "generic communication error" due to certificate

13810
Created On 09/30/21 18:30 PM - Last Modified 10/03/21 07:11 AM


Question


Why I am seeing a "generic communication error" when I am trying to download the Wildfire package or any content package. 

The incident starts on time: Morning of September 30th, 2021.
The incident ends time: the late afternoon of September 30th, 2021.

Environment


All PAN-OS 

Answer


This issue happens when "Verify Update Server Identity" is checked on. We are actively working on resolving this issue.
You might see the following error.

User-added image

Workaround: 

The firewalls can restore their update server connection by disabling this validation check temporarily as a workaround so that they can continue receiving content updates.
Here is the screen capture 
User-added image
 

Please restore the setting after the above issue is resolved.

The reason for outages: 

Due to an upstream certificate provider issue, some customer firewalls were unable to download content from updates.paloaltonetworks.com on September 30, 2021, between 7:30 a.m. and 12:30 p.m. PDT. Palo Alto Networks identified the issue to be an expired third-party provider certificate, which may have delayed some customers' firewalls from securely downloading new content. This issue has been resolved. Palo Alto Networks has moved to an alternate certificate provider.

Check the current status of the content packet service: 

https://status.paloaltonetworks.com/

Additional Information


Here is the live link.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004LtuCAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language