11-14-2023 01:00 PM
I recommend reviewing the customer advisory linked above in detail in order to understand the next steps and applicability. Essentially, the root and default certificate on PAN-OS will expire on December 31, 2023 - if not renewed before that date, this will result in firewalls and/or Panorama losing connectivity to our cloud services as well as between each other when data redistribution (User-ID, Tags, etc.) is configured, potentially causing an impact to network traffic.
All of our Palo Alto firewalls and Panorama running in software version - 10.2.5 , do we need to upgrade it or its already fixed.
11-14-2023 04:48 PM
HI @kdamodaran ,
On 10.2.5 you are good to go. On 10.2.4 or greater, the PA root certificates are included.
11-15-2023 03:10 AM
HI there, I've received the same message when logging in to our firewall. Current version is 10.1.3. I followed the link on the firewall which brought me here but it tells me i do not have access permissions to get to see how i remedy this issue. Can someone please help with this...Ill happily renew the certificate if Palo Alto will be so kind as to let us know how it is done!
11-15-2023 04:18 AM
Same here . shows access denied for me too.
11-15-2023 09:38 AM
If the firewall is running in version 10.1.3, I recommend upgrading to target version as per below snapshot.
11-15-2023 09:39 AM
Please help out other users and “Accept as Solution” if a post helps solve your problem !
Read more about how and why to accept solutions.
11-16-2023 06:53 AM
getting access denied error for this url , how to fix it ? https://live.paloaltonetworks.com/t5/customer-advisories/emergency-update-required-pan-os-root-and-d...
11-16-2023 07:53 AM
My guess would be you have a 'free' account on the Live community instead of a customer/partner account? That page is only accessible if you have a support enabled account (access to support.paloaltonetworks.com)
11-16-2023 07:54 AM
Please help out other users and “Accept as Solution” if a post helps solve your problem !
Read more about how and why to accept solutions.
11-20-2023 06:23 AM
same problem here, i cant see de link because i don't have "special priviledges"
11-29-2023 10:00 AM
Essentially, as long as you are in one of the versions appearing in @KDamodaran1's table and install the content update 8776-8390 or later, you should be fine. Said content update pretty much carries the new certificate.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
