How to renew the expired Device Certificate

How to renew the expired Device Certificate

98431
Created On 09/05/22 01:36 AM - Last Modified 12/16/22 04:58 AM


Objective


Device Certificate Status display "Expired" under "show device-certificate status". How to renew the same? 
> show device-certificate status

Device Certificate information:
	Current device certificate status: Expired
	Not valid before: 2022/04/01 00:00:00 PDT
	Not valid after: 2022/06/30 00:00:00 PDT
	Last fetched timestamp: 2022/06/30 05:00:00 PDT
	Last fetched status: failure
	Last fetched info: Failed to renew device certificate.
Failed to send request to CSP server.
Error: *****

Environment


  • Palo Alto Firewalls.
  • PAN-OS 9.1.2 and later releases.
  • Device Certificate.

Procedure


  1. Device Certificate is valid for 90 days since generating.
  2. The Firewall device will check nightly and automatically renew its certificate 15 days prior to the expiration of the existing certificate.
  3. If the automatic renewal is failed and the device certificate expires, the customer needs to go through the certificate onboarding process again as described in Administrator's Guide.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000wlTfCAI&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language