Error message: Failed to authenticate using OTP provided. Please check that OTP has not expired and has been generated for correct Panorama.

• Fetch OTP failed with the error message "Failed to authenticate using OTP provided. Please check that OTP has not expired and has been generated for correct Panorama."

   

admin@Panorama(primary-active)> request plugins cloud_services panorama-certificate fetch otp <value>
Failed to authenticate using OTP provided. Please check that OTP has not expired and has been generated for correct Panorama.
Failure

•  Another error message "Customer is not provisioned in CSP" appears in the LcaaS logs (less mp-log lcaas_agent.log)

21:05:27,842 lcaas_agent INFO response from orchestrator=b'{"code":401,"message":"Got error. No provisioned tenant id found for serial number in cert subject: ClientCert.Subject(commonName=017507001000, orgUnit=null, serialNumber=null, oid=OID.1.3.6.1.4.1.25461.4.22.1)","timeStamp":"2023-07-12T11:05:27.572Z"}'
21:05:27,842 lcaas_agent INFO Resp from cloud service : b'{"code":401,"message":"Got error. No provisioned tenant id found for serial number in cert subject: ClientCert.Subject(commonName=017507001000, orgUnit=null, serialNumber=null, oid=OID.1.3.6.1.4.1.25461.4.22.1)","timeStamp":"2023-07-12T11:05:27.572Z"}'
21:05:27,842 lcaas_agent ERROR Customer is not provisioned in CSP

• Panorama
• Cloud Plugin
• Prisma Access
• Cortex Data Lake (CDL)

• Log in to the hub and open the Cortex Data Lake app to the instance to which you are onboarding.
• Select Inventory > Panorama Appliances > Add.
• Select Add and Next.
• Select the Panorama appliances you want to onboard and Submit.

• Generate an OTP by going to the CSP, selecting Products > Cloud Services >Generate OTP, select the serial number of your Panorama appliance and click Generate OTP.
• In Panorama, select Panorama > Cloud Services > Configuration and click Verify.
• Paste the One-time Password you copied and click OK.