User-ID Agent connection is lost after restarting UIA service

Created On 12/19/24 09:12 AM - Last Modified 04/04/25 19:56 PM


Symptom


  • The connection between the User-ID Agent (UIA) and the firewall is lost.
  • The issue occurs after restarting the User-ID Agent service.
  • This is observed after a new certificate is installed on PAN-OS and the User-ID Agent (reference: Customer Advisory).
  • The following logs are seen in distributord.log on the firewall (less mp-log distributord.log):
 18:18:47.042 +0800 conn UIA is not connected.
 18:18:47.043 +0800 add socket fd 1027(UIA) into epoll 2 [prev total fds: 0, jobid: 0].
 18:18:47.043 +0800 debug: pan_dcom_epoll_add_event(pan_dcom.c:145): add socket fd 1027(UIA) into epoll with event 5.
 18:18:47.043 +0800 agent UIA didn't establish secure communication yet
 18:18:47.043 +0800 pan_dcom_epoll: start epoll thread 2 at 1732097927(epoch: 1732097927)
 18:18:47.043 +0800 debug: pan_distributor_agent_proc(pan_distributor_agent.c:3261): agent 'UIA' stop processing
 18:18:47.086 +0800 debug: pan_dcom_ssl_notify(pan_dcom_ssl.c:501): ssl receive event 3 on conn UIA
 18:18:47.086 +0800 [agent UIA] DCOM_SSL_CLNT_PRE_CONN
 18:18:47.141 +0800 Error:  pan_distributor_agent_verify_cert_cb(pan_distributor_agent.c:1716): [secure_conn] Failed to retrieve distributor, distributord exiting!
 18:18:47.141 +0800 Error:  pan_dcom_ssl_connect(pan_dcom_ssl.c:317): conn UIA: SSL_connect return -1
 18:18:47.141 +0800 Error:  pan_dcom_ssl_connect(pan_dcom_ssl.c:318): SSL :error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
 18:18:47.141 +0800 Error:  pan_dcom_app_notify_callback(pan_dcom_sock.c:476): conn UIA failed in ssl notify, event:3
 18:18:47.141 +0800 conn UIA is not connected yet, err = 0
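The log excerpt above carries a recognisable signature: a DCOM SSL connect failure for the agent connection, an OpenSSL "certificate verify failed" error, and the distributord "exiting" message, all within the same second. The script below is an added example (not Palo Alto Networks code and not part of this article) that scans a saved copy of distributord.log for that pattern and reports which agent connections show it, so an operator can confirm the symptom from an exported log rather than reading it by eye. The sample log embedded in it is constructed to match the excerpt above; the agent-tracking heuristic (attributing context-free lines to the most recently named agent) is an assumption about log ordering, not a documented PAN-OS behaviour.

```python
import re
import sys

# Constructed sample in the shape of the distributord.log excerpt above.
SAMPLE_LOG = """\
18:18:47.042 +0800 conn UIA is not connected.
18:18:47.043 +0800 agent UIA didn't establish secure communication yet
18:18:47.086 +0800 [agent UIA] DCOM_SSL_CLNT_PRE_CONN
18:18:47.141 +0800 Error:  pan_distributor_agent_verify_cert_cb(pan_distributor_agent.c:1716): [secure_conn] Failed to retrieve distributor, distributord exiting!
18:18:47.141 +0800 Error:  pan_dcom_ssl_connect(pan_dcom_ssl.c:317): conn UIA: SSL_connect return -1
18:18:47.141 +0800 Error:  pan_dcom_ssl_connect(pan_dcom_ssl.c:318): SSL :error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
18:18:47.141 +0800 Error:  pan_dcom_app_notify_callback(pan_dcom_sock.c:476): conn UIA failed in ssl notify, event:3
18:18:47.141 +0800 conn UIA is not connected yet, err = 0
"""

# Constructed counter-example: an agent that is merely not connected yet, with no TLS failure.
HEALTHY_LOG = "18:18:47.042 +0800 conn UIA is not connected.\n"

# "HH:MM:SS.mmm +ZZZZ <message>" as in the excerpt.
LINE_RE = re.compile(r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d{3} [+-]\d{4}) (?P<msg>.*)$")
# Agent names appear as "conn UIA", "[agent UIA]" or "agent 'UIA'"; the \b keeps
# identifiers such as pan_distributor_agent.c and secure_conn from matching.
AGENT_RE = re.compile(r"\b(?:conn|agent) '?(?P<agent>[A-Za-z0-9_-]+)'?")

# The three markers that together make up the signature in the article.
MARKERS = {
    "ssl_connect_failed": "SSL_connect return -1",
    "cert_verify_failed": "certificate verify failed",
    "distributord_exiting": "distributord exiting",
}


def parse_line(line):
    """Split a distributord.log line into (timestamp, message); None if it has no timestamp."""
    m = LINE_RE.match(line.strip())
    return (m.group("ts"), m.group("msg")) if m else None


def summarize(log_text):
    """Return {agent: {marker: bool, 'first_error': ts}} for every agent named in the log."""
    state = {}
    current_agent = None  # assumption: context-free lines belong to the last named agent
    for raw in log_text.splitlines():
        parsed = parse_line(raw)
        if parsed is None:
            continue
        ts, msg = parsed
        named = AGENT_RE.search(msg)
        if named:
            current_agent = named.group("agent")
            state.setdefault(current_agent, {k: False for k in MARKERS} | {"first_error": None})
        if current_agent is None:
            continue
        rec = state[current_agent]
        for key, needle in MARKERS.items():
            if needle in msg:
                rec[key] = True
                rec["first_error"] = rec["first_error"] or ts
    return state


def matches_signature(rec):
    """True when all three markers were seen for one agent connection."""
    return all(rec[k] for k in MARKERS)


def affected_agents(log_text):
    """Sorted list of agent names whose connection shows the full failure signature."""
    return sorted(name for name, rec in summarize(log_text).items() if matches_signature(rec))


if __name__ == "__main__":
    # Usage: python check_uia_cert.py [path-to-saved-distributord.log]
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    for name, rec in summarize(text).items():
        flag = "MATCH" if matches_signature(rec) else "ok"
        print(f"{name}: {flag} first_error={rec['first_error']} "
              + " ".join(f"{k}={v}" for k, v in rec.items() if k != "first_error"))
```

Run it against a copy of the log saved from the firewall CLI output; an agent reported as MATCH shows the same sequence as the excerpt above, whereas a connection that is only "not connected yet" without the TLS verify error is reported as ok and points to a different cause.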

 



Environment


  • Palo Alto Firewalls
  • PAN-OS 11.1.2-h3
  • User-ID Agent (UIA): 11.0.1


Cause


Software defect PAN-271700.



Resolution


  1. Upgrade PAN-OS to 11.1.8 or 11.2.8 or a later release to address PAN-271700.
  2. As a temporary workaround, perform a commit on the firewall.

