https://live.paloaltonetworks.com/t5/general-topics/globalprotect-certificate-auth-debug/m-p/203426#M59938 <P>Yes, this would be helpful. Just recently I had a situation where an Ubuntu Client received a certificate from the wrong intermediate CA, so the connection failed until we coincidentally found this ... would have been a lot easier when there was a log that simply shows "wrong CA" <span class="lia-unicode-emoji" title=":face_with_tongue:">😛</span></P> Sun, 04 Mar 2018 14:05:49 GMT Remo 2018-03-04T14:05:49Z https://live.paloaltonetworks.com/t5/general-topics/globalprotect-certificate-auth-debug/m-p/189733#M57392 <P>could anyone please advise a good&nbsp;way via cli to debug&nbsp;certificate authentication.</P><P>&nbsp;</P><P>I have followed most of the log files but cannot find one related to GP authentication.</P><P>&nbsp;</P><P>many thanks in advance...</P> Mon, 04 Dec 2017 11:32:17 GMT https://live.paloaltonetworks.com/t5/general-topics/globalprotect-certificate-auth-debug/m-p/189733#M57392 Mick_Ball 2017-12-04T11:32:17Z https://live.paloaltonetworks.com/t5/general-topics/globalprotect-certificate-auth-debug/m-p/203426#M59938 <P>Yes, this would be helpful. Just recently I had a situation where an Ubuntu Client received a certificate from the wrong intermediate CA, so the connection failed until we coincidentally found this ... would have been a lot easier when there was a log that simply shows "wrong CA" <span class="lia-unicode-emoji" title=":face_with_tongue:">😛</span></P> Sun, 04 Mar 2018 14:05:49 GMT https://live.paloaltonetworks.com/t5/general-topics/globalprotect-certificate-auth-debug/m-p/203426#M59938 Remo 2018-03-04T14:05:49Z