The earliest recollection of this bug is traced back to PAN-OS 8.1.12 - January 09, 2024.
This bug is fixed in PAN-OS versions 8.1.12.
Fixed an issue where certificate revocation list (CRL) and Online Certificate Status Protocol (OCSP) checks did not respond as expected when you configured Block session if certificate status is unknown .
For more information:
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-release-notes/pan-os-8-1-addressed-issues/pan-os-8-1-12-addressed-issues
