Validation of Local client certificate failed resulting in error 58, Problem with the local SSL cert

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Validation of Local client certificate failed resulting in error 58, Problem with the local SSL cert

L4 Transporter

Hello,

 

Has anyone encoutered this error message below? I could not find much info on this.

Using PA500 with PAN-OS 8.1.4

 

domain: 1 receive_time: 2019/02/09 10:16:13 serial: 00xxxxxxxx seqno: 4858056 actionflags: 0x0 type: SYSTEM subtype: wildfire config_ver: 0 time_generated: 2019/02/09 10:02:12 dg_hier_level_1: 0 dg_hier_level_2: 0 dg_hier_level_3: 0 dg_hier_level_4: 0 vsys_name: device_name: FW01 vsys_id: 0 vsys: eventid: wildfire-auth-failed object: fmt: 0 id: 0 module: general severity: critical opaque: Validation of Local client certificate failed resulting in error 58, Problem with the local SSL certificate

10 REPLIES 10

Cyber Elite
Cyber Elite

@FarzanaMustafa,

By chance are you using a WF-500 and custom certificates? 

The alert is being emailing from the Pan. We are not using the Wildfire on prem box.

@FarzanaMustafa,

The only time I've seen that issue in the past was when running WF-500 boxes and custom certificates for auth. If the firewall issues the error more than once I would reach out to TAC and see if they can help you figure out exactly why you are seeing this error. If you are using the public WildFire cloud you shouldn't be getting this error at all. 

Same error here on 8.1.11 with a PA-220 and no local wildfire box

Did you guys ever resolve this?  I'm now experiencing the same issue.  No local WF box, but I did just upgrade our PA-3020s to 9.1.3 yesterday (never saw the error before that).  Thanks.

For our case, TAC suggested below.

 

-- Regarding the error message I see that the error started surfacing starting from 5th Nov 20:55:53.
-- However, the root cause of the issue is the sysd and snmpd crash on 6th Nov around the specified time.
-- We have seen similar issues before for PAN OS 8.0.x which is related to group in MP memory.
-- I see that the firewall is on PAN OS 8.0.18.
-- PAN OS 8.0.x is end of life and is no longer supported.
-- Please upgrade the PAN OS to 8.1.11 to prevent this behavior in future.

L0 Member

Thanks for the update.  Unfortunately for me, it doesn't look like the fix made it into 9.1 yet (or I'm missing it in the addressed issues list).

L0 Member

The issue is fixed at PAN-OS 9.1.10, its caused due to PAN ID PAN-157570

Now that 9.1.10 has been released, I checked out the release notes and I don't see that bug mentioned anywhere (either by number or description).  Where did you get the info that the fix was in that release?  Thanks.

  • 14381 Views
  • 10 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!