Error message 'Thermite certificate is used for CDL communication' when trying to fetch Cortex Data lake certificate

• A Strata NGFW (Next generation firewall) admin have Cortex Data Lake (CDL) license on a firewall.
• To troubleshoot an issue with CDL functionality, the admin runs one of the following commands on the firewall command line interface which throws an error.

admin@PA220> request logging-service-forwarding certificate delete
Server error : Thermite certificate is used for CDL communication

admin@YogeshHomePA220> request logging-service-forwarding certificate info
Server error : Thermite certificate is used for CDL communication

• The same error is displayed when an admin attempts to onboard a Firewall running 10.1 PanOS to cortex data lake using old pre-shared key method.

• Palo Alto Strata Firewall with Cortex Data lake license
• PanOS version 10.1 or above

• The error message is expected on PanOS version 10.1 and above.
• Starting with 10.1, Cortex data lake no longer requires a separate certificate and uses the device certificate instead.
• Do not attempt to use the old method of PSK (PreShared Key) to onboard ata lake for a firewall running 10.1.0 or above.

1. This error message does not have any impact on the CDL functionality.
2. Install the device certificate on the firewall as directed and follow the steps described in Onboard Firewalls without Panorama (10.1 or Later).

admin@PA220> show device-certificate info
admin@PA220> show device-certificate status
admin@PA220> request logging-service-forwarding status
admin@PA220> show logging-status