Error Message: OpenSSL SSL_connect: SSL_ERROR_SYSCALL

Error Message: OpenSSL SSL_connect: SSL_ERROR_SYSCALL

53015
Created On 11/18/20 23:26 PM - Last Modified 07/02/21 20:55 PM


Symptom


  • Trying to install a Device Certificate from Customer Support Portal.
  • After Entering the OTP generated under GUI: Device > Setup > Management  > Device Certificate, the following Error message is seen:

OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to certificate.paloaltonetworks.com:443


 

Environment


  • Palo Alto 3050 Firewall.
  • PAN-OS 9.1 and above.
  • Using an inband interface for management access to Palo Alto Network services

Cause


Traffic getting blocked due to missing security policy. Using an inband interface to obtain the device certificate from the CSP (Customer Support Portal ) requires a security policy to allow the traffic.

Resolution


When using an inband interface (instead of the Management port) to connect to the Customer Support Portal to obtain the device certificate. Ensure the "Security Policy" is set to allow the traffic.
  1. Select GUI: Policies > Security and "Add"  a new rule.
  2. For the application make sure to add "paloalto-shared services"
  3. Commit

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HBgsCAG&lang=en_US%E2%80%A9&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language