Certificate cannot be deleted because of references from xxx

Certificate cannot be deleted because of references from xxx

1509
Created On 11/29/23 01:10 AM - Last Modified 06/17/24 10:09 AM


Symptom


  • Trying to delete the forward-untrust-certificate results in error.
Failed to delete Certificate - xxxx-fwd-untrust.
xxxx-fwd-untrust cannot be deleted because of references from: template -> Mobile_User_User_Certificate.
template -> Mobile_User_Template -> config -> devices -> localhost.localdomain -> vsys -> vsys1 -> ssl-decrypt -> forward-untrust-certificate -> rsa

Environment


  • Panorama managed Prisma Access
  • Supported PAN-OS versions
  • Forward-untrust-certificate

Cause


The certificate being deleted is referenced in the template.

Resolution


  1. Use the following CLI commands to delete the certificate.
  2. Commit the configuration.
> configure
# delete template Mobile_User_Template config shared ssl-decrypt forward-untrust-certificate rsa
# delete template Mobile_User_Template config vsys vsys1 ssl-decrypt forward-untrust-certificate rsa
# delete template Mobile_User_Template config shared certificate <certificate name>
# delete template Mobile_User_Template config vsys vsys1 certificate <certificate name>
# commit force
# exit
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008W2YCAU&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail