Operational Defect Database

BugZero updated this defect 7 days ago.

Palo Alto Networks | PAN-163676

Next-Gen Firewalls are unable to connect to a syslog server when the certificates required to connect to the syslog server are part of a Certificate Profile ( Device Certificate Management Certificate Profile ) if the Use OCSP setting is enabled to check the revocation status of certificates. Workaround: Enable Use CRL to check the revocation status of certificates in the Certificate Profile.

Last update date:

7/11/2024

Affected products:

Pan OS

Affected releases:

10.2.0

Fixed releases:

No fixed releases provided.

Description:

The earliest recollection of this bug is traced back to PAN-OS 10.2.0 - July 11, 2024. Next-Gen Firewalls are unable to connect to a syslog server when the certificates required to connect to the syslog server are part of a Certificate Profile ( Device Certificate Management Certificate Profile ) if the Use OCSP setting is enabled to check the revocation status of certificates. Workaround: Enable Use CRL to check the revocation status of certificates in the Certificate Profile. For more information: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-release-notes/pan-os-10-2-0-known-and-addressed-issues/pan-os-10-2-0-known-issues

Additional Resources / Links

Share:

BugZero® Risk Score

What's this?

Coming soon

Status

Known

Learn More

Search:

...