
OPERATIONAL DEFECT DATABASE
...

...
The earliest recollection of this bug is traced back to PAN-OS 10.1.0 - July 22, 2025. Next-Gen Firewalls are unable to connect to a syslog server when the certificates required to connect to the syslog server are part of a Certificate Profile ( Device Certificate Management Certificate Profile ) if the Use OCSP setting is enabled to check the revocation status of certificates. Workaround: Enable Use CRL to check the revocation status of certificates in the Certificate Profile. For more information: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-release-notes/pan-os-10-1-0-known-and-addressed-issues/pan-os-10-1-0-known-issues https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-release-notes/pan-os-10-2-0-known-and-addressed-issues/pan-os-10-2-0-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases
Palo Alto Networks Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.