How exactly do I do this? The firewalls being pushed to are brand new out of the box. I have never had issues with pushing app updates or software before? Did they change something out of the box? My issue is EVERY palo we unbox has to manually be updated on the firewall itself, panorama fails to push to every single one with this same error message. "Download error: Problem with the local SSL Certificate"
2021-05-06 09:37:16.178 +0200 Error: download_url(pan_deploy_client.c:554): Failed to get DLSRVR client key.
2021-05-06 09:37:16.189 +0200 Error: download_url(pan_deploy_client.c:591): Curl failed; Error: 'unable to set private key file: '/etc/dlsrvr.d/client_sha256.key' type PEM(dest => 172.20.3.20)' [Code: 58 (Problem with the local SSL certificate)]
2021-05-06 09:37:16.440 +0200 Error: pan_mgmt_cms_handle_xfer_request(pan_deploy_client.c:889): Deploy dl error: 58.
2021-05-06 09:37:16.440 +0200 Error: pan_mgmt_cms_handle_xfer_request(pan_deploy_client.c:1024): Download error: Problem with the local SSL certificate. (58)
If they are present reinstalling the current, or installing higher, PAN-OS version and rebooting the PA should resolve the issue.
TAC was unable to explain why those files got corrupted in my case.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!