Certificate chain not correctly formed

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Certificate chain not correctly formed

L4 Transporter

Hello,

 

I am getting the warning below after importing a certificate. Is there a link/KB I can check to fix this?

 

Warning: certificate chain not correctly formed in certificate dc1pa.abcd.com.au

 

Thanks in advance!

5 REPLIES 5

Hi @Farzana

In order to fix this issue, you need to upload a copy of your Root CA and and Intermediate CA to the firewall.

 

This should fix the issue.

 

Hi @acc6d0b3610eec313831f7900fdbd235

 

Thanks for the response. Do you mean import the certs? If not, what steps I need to take?

 

Cert.png

Correct, you need to first get a copy of your Root CA and Intermediate CA. The Intermediate CA is not actually mandatory unless you have one. Then click in the Import button. Map to each one of the certificates, and click in OK. It will upload, and if everything is correct the certificate chain should be formed with no problems.

Hi @acc6d0b3610eec313831f7900fdbd235,

 

We currently have a wildcard SSL certificate that we use on Apache servers, Microsoft IIS servers, Cisco devices and when we try to import that same certificate to the Palos. However, we are unable to use that certificate (Device -> Certificates -> SSL/TLS Service Profile) i.e. we are unable to select the imported certificate.


Certificate.png

We have also exported the certificates and keys from IIS and imported them to the Palos and we receive the following error message - "Warning: certificate chain not correctly formed in certificate". We have followed the links as well as the method described below and still get the same error message as above.

Is there a guide to install a certificate on Palo similar to this (this is for a Cisco ASA)?


https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO22529&actp=search...

Exact same issue. Did you ever get it resolved?

  • 8826 Views
  • 5 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!