07-08-2025 09:27 PM
We are currently setting up a PA-VM Firewall under the Alibaba Cloud Platform. However, we are encountering an issue with GlobalProtect. The client keeps showing an error stating that the certificate is not within its validity period, even though the certificate is valid until July 2026, as this setup was just recently provisioned.
We have already manually installed the certificate on the client devices, including the root CA, but the issue still persists.
GlobalProtect #CertificateIssue
07-12-2025 08:43 AM
Hi @Glenyvie ,
Which GP client version are you running? Where did you get your cert from? I would double check to make sure the entire cert chain (root and any intermediate CAs) have correctly been imported into the firewall and the client machine (trusted root cert store). Id also verify the correct SSL/TLS profile is being referenced in the Portal and Gateway.
07-15-2025 04:56 AM
s this issue resolved itself in the meantime?
most commonly this issue happens when you have a brand new certificate and due to misconfiguration in the time of the firewall or client (no NTP, wrong timezone, wrong time or date,...) and the system thinks it has not reached the starting ValidFrom date&time on the certificate yet
setting up NTP everywhere and ensure the right timezone etc usually fixes this issue
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
