Validation of Local client certificate failed resulting in error 58, Problem with the local SSL cert

Reply
Highlighted
L4 Transporter

Validation of Local client certificate failed resulting in error 58, Problem with the local SSL cert

Hello,

 

Has anyone encoutered this error message below? I could not find much info on this.

Using PA500 with PAN-OS 8.1.4

 

domain: 1 receive_time: 2019/02/09 10:16:13 serial: 00xxxxxxxx seqno: 4858056 actionflags: 0x0 type: SYSTEM subtype: wildfire config_ver: 0 time_generated: 2019/02/09 10:02:12 dg_hier_level_1: 0 dg_hier_level_2: 0 dg_hier_level_3: 0 dg_hier_level_4: 0 vsys_name: device_name: FW01 vsys_id: 0 vsys: eventid: wildfire-auth-failed object: fmt: 0 id: 0 module: general severity: critical opaque: Validation of Local client certificate failed resulting in error 58, Problem with the local SSL certificate

Highlighted
Cyber Elite

@FarzanaMustafa,

By chance are you using a WF-500 and custom certificates? 

Highlighted
L4 Transporter

The alert is being emailing from the Pan. We are not using the Wildfire on prem box.
Highlighted
Cyber Elite

@FarzanaMustafa,

The only time I've seen that issue in the past was when running WF-500 boxes and custom certificates for auth. If the firewall issues the error more than once I would reach out to TAC and see if they can help you figure out exactly why you are seeing this error. If you are using the public WildFire cloud you shouldn't be getting this error at all. 

Highlighted
L1 Bithead

Same error here on 8.1.11 with a PA-220 and no local wildfire box

Highlighted
L1 Bithead

Did you guys ever resolve this?  I'm now experiencing the same issue.  No local WF box, but I did just upgrade our PA-3020s to 9.1.3 yesterday (never saw the error before that).  Thanks.

Highlighted
L4 Transporter

For our case, TAC suggested below.

 

-- Regarding the error message I see that the error started surfacing starting from 5th Nov 20:55:53.
-- However, the root cause of the issue is the sysd and snmpd crash on 6th Nov around the specified time.
-- We have seen similar issues before for PAN OS 8.0.x which is related to group in MP memory.
-- I see that the firewall is on PAN OS 8.0.18.
-- PAN OS 8.0.x is end of life and is no longer supported.
-- Please upgrade the PAN OS to 8.1.11 to prevent this behavior in future.

Highlighted
L0 Member
Highlighted
L1 Bithead

Thanks for the update.  Unfortunately for me, it doesn't look like the fix made it into 9.1 yet (or I'm missing it in the addressed issues list).

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!