Import of Certificate and Private-Key failed. Internal Error. Failed to create xml node

Import of Certificate and Private-Key failed. Internal Error. Failed to create xml node

18979
Created On 09/25/18 17:52 PM - Last Modified 06/14/23 07:31 AM


Resolution


Issue

When importing a CA certificate generated by a Microsoft Certificate Authority to use as part of the SSL forward proxy decryption policy, the firewall returns this error:

Import of certificate and private-key <name of cert> failed. Internal error. Failed to create xml node.

The ms.log file reports more details on the error:

Jul 24 16:04:53 client useridd reported op command was SUCCESSFUL

Entity: line 4: parser error : xmlParseEntityRef: no name

subject=/C=US/ST=California/L=SanJose/O=Palo Alto & Co/OU=Security

^

Jul 24 16:05:34 Error: pan_string_to_xml(pan_xml_utils.c:76): xmlParseMemory() failed

Jul 24 16:05:34 Error: insert_cert_by_path_or_content(pan_ops_common.c:9483): In ternal error. Failed to create xml node.

In the example above, the parsing error is caused by the ampersand character in the certificate's name

Resolution

Generate a new certificate without the "&" character to resolve the parsing error

owner: acamacho
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClLCCA0&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language