Operational Defect Database
BugZero updated this defect 3 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
Palo Alto Networks | PAN-163676
Next-Gen Firewalls are unable to connect to a syslog server when the certificates required to connect to the syslog server are part of a Certificate Profile ( Device Certificate Management Certificate Profile ) if the Use OCSP setting is enabled to check the revocation status of certificates. Workaround: Enable Use CRL to check the revocation status of certificates in the Certificate Profile.
Last update date:
5/16/2024
Affected products:
Pan OS
Affected releases:
10.2.0
Fixed releases:
No fixed releases provided.
Description:
The earliest recollection of this bug is traced back to PAN-OS 10.2.0 - May 16, 2024. Next-Gen Firewalls are unable to connect to a syslog server when the certificates required to connect to the syslog server are part of a Certificate Profile ( Device Certificate Management Certificate Profile ) if the Use OCSP setting is enabled to check the revocation status of certificates. Workaround: Enable Use CRL to check the revocation status of certificates in the Certificate Profile. For more information: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-release-notes/pan-os-10-2-0-known-and-addressed-issues/pan-os-10-2-0-known-issues
