Old certificate showing even after new certificate mapped to the ssl profile

Reply
L3 Networker

Old certificate showing even after new certificate mapped to the ssl profile

Hello,

 

We are using Software Version - 8.0.8, Global Protect Agent - 4.0.4

 

One user is able to connect the VPN through portal but when accessed the URL from the internet still seeing the old certificate after new certificated mapped.

 

We tried to reinstall the GlobalProtect client by accessing the GlobalProtect portal so the client pulls the latest certificate but no luck.

 

Any idea how to fix this?

 

Thanks in advance.

L7 Applicator

Re: Old certificate showing even after new certificate mapped to the ssl profile

@FarzanaMustafa,

This sounds like a client browser issue more than anything else. If the user accesses the portal via a different browser (such as Firefox/Chrome) do they still receive the old certificate? 

L3 Networker

Re: Old certificate showing even after new certificate mapped to the ssl profile

@BPry  yes it is happening in all browsers.

Highlighted
L7 Applicator

Re: Old certificate showing even after new certificate mapped to the ssl profile

If you're not interested in root cause or a real solution and just want to get past this issue, you can try a commit force from CLI or if you want to be even more aggressive you can restart the management plane (debug software restart process management-server). 

 

8.0.8 is about a year old and is also 8 maintenance revisions back. There aren't any clear fixes in the release notes that account for this specific behavior, there are several medium- and high-priority vulnerabilities fixed since then it may be worth upgrading first to see if the issue is resolved. Doing the upgrade also does a system restart and a commit, so you can get up to a more current version and try the debugging steps above at the same time if you're able to upgrade.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!