I did a dumb thing. I wanted to extend the validity period of the current device certificate, so I went to live.paloaltonetworks and generated a new OTP. However, back on the firewall, I find that the "get certificate" button is not available. It just shows that the current certificate is valid. I think the mismatch is generating these errors in the system log:
CloudAuthService Server certificate validation failed. Dest Addr: app-registry-service.apps.paloaltonetworks.com, Reason: self signed certificate in certificate chain
How do I delete or reset the current device certificate and reinstate the "get certificate" button so I can enter the new OTP?
... View more