Commit failing with error: certificate -> test_certificate -> private-key bad encryption or wrong masterkey after importing API fetched configuration.

Commit failing with error: certificate -> test_certificate -> private-key bad encryption or wrong masterkey after importing API fetched configuration.

1561
Created On 10/04/22 08:14 AM - Last Modified 10/31/25 09:15 AM


Symptom


  • Non SuperUser account is used to export configurations from XML API.
  • When trying to import and commit this configuration on a firewall, the following validation errors are seen.

​​​​​​​​​​​​​Configuration is invalid
Validation Error:
certificate -> test_certificate -> private-key bad encryption or wrong masterkey
certificate -> test_certificate -> private-key is invalid

Environment


  • Palo Alto Firewalls
  • Supported PAN-OS
  • XML API

Cause


When using non SuperUser account the Certificate private key is not imported along with the configuration.

Resolution


Use Superuser credentials to import the configuration using XML API.

Additional Information


https://x.x.x.x/api > export > configuration
https://x.x.x.x/php/rest/browse.php/export::configuration

 

XML API Url

/api/?type=export&category=configuration
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000sZNrCAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail