For details on cookie usage on our site, read our Privacy Policy
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
- AIOps for NGFW
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- Cloud NGFW for AWS
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
Duplicate Certificate Subject Found
- LIVEcommunity
- Collaboration
- Discussions
- General Topics
- Duplicate Certificate Subject Found
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Duplicate Certificate Subject Found
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-01-2018 11:42 PM
Cant get rid off this warning.we have deleted all duplicate certificates but couldnt get out of this warning when commit something
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-02-2018 02:13 AM
is this a wildcard cert...
it may be that you have a wild cart cert for *.fred.smiff.com and also a cert for just smiff.com.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-02-2018 02:25 AM
no cancel that... obviously that would apply to all ".com" certs...
I did have a similar issue with licensing, tried to add new and told already activated, although it had been removed..
had to go via cli to remove it as not showing in GUI.
you could view all installed certs with one of the options under :-
show sslmgr-store
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-02-2018 02:28 AM
Can you please give me instructions how to solve it?
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-02-2018 06:33 AM
Once you've commit the configuration to ensure that any removals you've made have actually taken place, take a look at the certificate store and see if any of your listed certificates happen to have the same CN.
If it doesn't show up in the GUI I would verify with the 'show sslmgr-store config-ca-certificate' command that you don't have a stale cert hiding in the config.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-26-2018 06:05 AM
hello if you found the duplicate cert with the command show sslmgr-store config-ca-certificate, how can you delete the stale cert hiding in the config?
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-26-2018 06:40 AM
@Marivi,Good point...
I would have thought "delete sslmgr-store config-ca-certificate <certificate name>
but i thought wrong...
I can only see this option in "configure" mode but that's for web-server, forward-trust and forward-untrust.
Have you found a duplicate hidden cert or just asking?
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-26-2018 06:48 AM
I have found a duplicate hidden, i have done >debug dataplane reset ssl-decrypt certificate-cache but this don't fix the problem, I have found next command > debug sslmgr delete crl all which do the same in management plane. I will inform you if the second command fix the problems... thank you for you fast answer
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-26-2018 07:04 AM
try this...
configure
delete shared ssl-decrypt trusted-root-ca ?
delete shared ssl-decrypt trusted-root-ca <certificate name>
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-26-2018 07:05 AM
no good...
no object to delete in delete handler
- Getting a 'Device certificate expires in 15 or less days' but all certs are valid in General Topics
- Failed to delete certificate - Invalid Location / Permission Denied in General Topics
- Integrate Captive Portal with ADFS using SAML Authentication in General Topics
- cannot commit - failure parsing config response module dhcpd in General Topics
- GP Issue Gateway Fake in GlobalProtect Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
