I purchased a certificate from a public CA to be used for a Global Protect deployment. When I originally imported the certificate, I failed to import the chained certificate per the instructions at https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Install-a-Chained-Certificate-Signed... I only installed the server certificate and not the intermediate.
Following the instructions from https://live.paloaltonetworks.com/t5/Management-Articles/Fix-For-Error-When-Importing-Chained-PEM-Fo... I am unable to reimport that chained certificate I am manually assembling.
When I attempt to commit, I get the following error:
Commit job 14578 is in progress. Use Ctrl+C to return to command prompt
......55%
Error: Certificate company_GPVPN failed to load: Unmatched certificate and key
Error loading vsys cfg
failed to handle CONFIG_UPDATE_START
Error: response from cfgpush.s1.dp0.comm.cfg-dp: Certificate company_GPVPN failed to load: Unmatched certificate and key
Error loading vsys cfg
failed to handle CONFIG_UPDATE_START
(Module: device)
Commit failed
[edit]
Is this a result of the private key already being tied to the original certificate import by way of the CSR?
