Import of Certificate and Private-Key failed. Internal Error. Failed to create xml node
Resolution
Issue
When importing a CA certificate generated by a Microsoft Certificate Authority to use as part of the SSL forward proxy decryption policy, the firewall returns this error:
Import of certificate and private-key <name of cert> failed. Internal error. Failed to create xml node.
The ms.log file reports more details on the error:
Jul 24 16:04:53 client useridd reported op command was SUCCESSFUL
Entity: line 4: parser error : xmlParseEntityRef: no name
subject=/C=US/ST=California/L=SanJose/O=Palo Alto & Co/OU=Security
^
Jul 24 16:05:34 Error: pan_string_to_xml(pan_xml_utils.c:76): xmlParseMemory() failed
Jul 24 16:05:34 Error: insert_cert_by_path_or_content(pan_ops_common.c:9483): In ternal error. Failed to create xml node.
In the example above, the parsing error is caused by the ampersand character in the certificate's name
Resolution
Generate a new certificate without the "&" character to resolve the parsing error
owner: acamacho