Error: Certificate "Certificate_name" failed to load: Unmatched certificate and key

Created On 10/29/22 00:48 AM - Last Modified 10/08/24 20:26 PM


Symptom


The following error message is displayed when a certificate is generated on the firewall and signed by an external authority:
Error: Certificate "Certificate_name" failed to load: Unmatched certificate and key

 


Environment


  • PAN-OS 9.1 and later
  • Certificates


Cause


  • This behavior is mainly observed when the cryptographic algorithm is set to "Elliptic Curve DSA" with the Number of Bits set to one value and the Digest set to a different value.
  • For example: if the Number of Bits is set to "384" and the Digest to "sha256", the issue is observed.
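
A check for the mismatch described above, as an added example that is not part of the original article: it reads a CSR with the `openssl` CLI and compares the EC key size with the signature digest size. It assumes the CSR exported from the firewall carries the configured Number of Bits and Digest; the function names and the sample CN are hypothetical, and the sample CSRs are constructed on the fly.

```shell
#!/bin/sh
# Added example (not from the KB article): flag an ECDSA CSR whose key size
# and signature digest differ, the combination the article ties to the error.

# Print "MATCH ..." or "MISMATCH ..." for a PEM CSR; return 2 if not parseable.
csr_ec_digest_check() {
    text=$(openssl req -in "$1" -noout -text 2>/dev/null) || {
        echo "UNREADABLE"; return 2; }
    # "Public-Key: (384 bit)" -> 384
    bits=$(printf '%s\n' "$text" |
        sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p' | head -n 1)
    # "Signature Algorithm: ecdsa-with-SHA256" -> 256
    digest=$(printf '%s\n' "$text" |
        sed -n 's/.*Signature Algorithm: ecdsa-with-SHA\([0-9][0-9]*\).*/\1/p' | head -n 1)
    if [ -z "$bits" ] || [ -z "$digest" ]; then
        echo "NOT-ECDSA"    # e.g. an RSA request; the article's cause does not apply
    elif [ "$bits" = "$digest" ]; then
        echo "MATCH key=$bits digest=$digest"
    else
        echo "MISMATCH key=$bits digest=$digest"
    fi
}

# Constructed sample input: a throwaway key and CSR (hypothetical CN).
# $1 = curve name, $2 = digest name, $3 = output path
make_sample_csr() {
    openssl ecparam -name "$1" -genkey -noout -out "$3.key" 2>/dev/null &&
    openssl req -new -key "$3.key" "-$2" -subj "/CN=fw.example.test" -out "$3" 2>/dev/null
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_sample_csr secp384r1 sha256 "$tmp/bad.csr"     # the article's failing pair
    make_sample_csr prime256v1 sha256 "$tmp/good.csr"   # the article's working pair
    csr_ec_digest_check "$tmp/bad.csr"
    csr_ec_digest_check "$tmp/good.csr"
    rm -rf "$tmp"
}
demo
```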

 


Resolution


  1. Configure the certificate so that the Number of Bits and the Digest have the same value.
  2. For example, set the Number of Bits to 256 and the Digest to sha256.
 
 

