The exact steps are performed by Palo Alto TAC with root access. Attempting to delete certificate files directly without TAC guidance can cause additional issues. After TAC clears the certificate data, a new OTP can be generated and the certificate fetch can be performed again.
To help narrow down the exact issue, could you tell me your firewall is currently running, and if this device was recently replaced via an RMA ? Share public link The exact steps are performed by Palo Alto
Before modifying cryptographic settings, ensure the firewall has unhindered access to Palo Alto cloud services. Log into the Firewall CLI. The exact steps are performed by Palo Alto