Duplicate Certificate Subject Found

Reply
Highlighted
L7 Applicator

Re: Duplicate Certificate Subject Found

OK...

 

configure

 

delete shared certificate ?

delete shared certificate <certificate name>

 

 

works for me.....

Highlighted
L1 Bithead

Re: Duplicate Certificate Subject Found

I met the same issue, but found a problem in Network > Global Protect > Portals > GlobalProtect Portal Configuration > Agent > TrustedRoot CA. There was a certificate, whos CN duplicated the other one. But that certificate wasn't in the Certificates list in Certificates management.

 

Hope it will help somebody.

Highlighted
L0 Member

Re: Duplicate Certificate Subject Found

Hi,

Hoping to revive this thread, I'm having the exact same issue.


Certificates visible with 'show sslmgr-store config-ca-certificate' and under 'Network > GlobalProtect > Portals' and under Agent Configuration and the Dropdown menu for Trusted Root CA. But nowhere else...

 

I've tried everything I can think of, the certificate is not available under the delete and debug commands, even in configuration mode.

I'm currently on release 9.0.x but I don't think this is associated with a particular release.

 

Did anyone find a solution for this?

 

Highlighted
L1 Bithead

Re: Duplicate Certificate Subject Found

I'm also having the exact same issue and on 9.0.x 

 

This is a problem.

Highlighted
L0 Member

Re: Duplicate Certificate Subject Found

I'm also having this problem but running version 8.1.14.

 

This problem started when a certificate expired. I selected the certificate and tried to renew it, but the firewall gave an error message saying that it could not read the certificate. I later made another certificate, with the intent of configuring it into the place of the expired certificate, with the same IP address. Just for fun, I tried renewing the certificate and it successfully renewed it.

 

I deleted the freshly created certificate that was still unused, but started receiving the error on commits. The certificate exists in some form in the GUI (provided for an option for GlobalProtect TrustedRootCA), but does not exist in Device > Certificate > Certificate management.

 

It exists in the CLI as well, but I'm unsure of the command to delete the certificate.

Help appreciated!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!