SSL Certificate - Signature Verification Failed Vulnerability

SSL Certificate - Signature Verification Failed Vulnerability

2866
Created On 04/26/23 21:23 PM - Last Modified 07/28/25 18:15 PM


Symptom


QID 38173
 

Environment


  • Qualys Scanner 
  • https://success.qualys.com/support/s/article/000003022

Cause


Your certificate assigned must be signed by a trusted third-party Certificate Authority.
 

Resolution


  • The scanner is unable to validate the SSL certificate.  This is not a vulnerability with PANW hardware, PAN-OS, or configuration.  The default certificate will not show up in the firewall by design and the scanner does not trust this certificate.  For more details please see the following: 
  • Admin Guide "Replace the Certificate for Inbound Management Traffic" :  https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certificate-management/replace-the-certificate-for-inbound-management-traffic#ida90ea5d8-7a09-4a57-84e7-5d32e6031c16
  • KB article "How to Install a Chained Certificate Signed by a Public CA" https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkoCAC
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000g1XOCAY&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language