https://live.paloaltonetworks.com/t5/next-generation-firewall/warnings-in-certificate/m-p/578712#M2736 <P>Hello team:<BR />From your support; by browser I get the following warnings "NET::ERR_CERT_COMMON_NAME_INVALID" subsequently ERR_SSL_KEY_USAGE_INCOMPATIBLE, this validating in chrome and microsoft edge. Consequently I do not login to the portal, but it is working, GP agents connect without problem.<BR />The SSL/TLS profile, Min version "tlsv.1".o and max version "Max" protocols.</P> <P>Greetings.</P> <P>#NGFW</P> Wed, 28 Feb 2024 21:50:47 GMT manuellara 2024-02-28T21:50:47Z https://live.paloaltonetworks.com/t5/next-generation-firewall/warnings-in-certificate/m-p/578712#M2736 <P>Hello team:<BR />From your support; by browser I get the following warnings "NET::ERR_CERT_COMMON_NAME_INVALID" subsequently ERR_SSL_KEY_USAGE_INCOMPATIBLE, this validating in chrome and microsoft edge. Consequently I do not login to the portal, but it is working, GP agents connect without problem.<BR />The SSL/TLS profile, Min version "tlsv.1".o and max version "Max" protocols.</P> <P>Greetings.</P> <P>#NGFW</P> Wed, 28 Feb 2024 21:50:47 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/warnings-in-certificate/m-p/578712#M2736 manuellara 2024-02-28T21:50:47Z https://live.paloaltonetworks.com/t5/next-generation-firewall/warnings-in-certificate/m-p/578714#M2737 <P>Hello&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/213877">@manuellara</a>&nbsp;- you need a new certificate with a CN matching the host name of your firewall, and as TLSv1 has been deprecated you should use TLSv1.2 minimum.</P> Wed, 28 Feb 2024 21:53:51 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/warnings-in-certificate/m-p/578714#M2737 iarobertson 2024-02-28T21:53:51Z https://live.paloaltonetworks.com/t5/next-generation-firewall/warnings-in-certificate/m-p/578821#M2743 <P>Please also refer artical (&nbsp;<A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFoCAK" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFoCAK</A>&nbsp;) although it is for the GP,, but it gives good idea about recommendation for certificate.&nbsp;</P> Thu, 29 Feb 2024 10:38:02 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/warnings-in-certificate/m-p/578821#M2743 Ravi_Jadav 2024-02-29T10:38:02Z