Outage in Palo Alto Networks

SSL Forward Proxy decryption failures for sessions using DigiCert CA

Resolved Minor
March 10, 2023 - Started about 2 years ago - Lasted 14 days

Outage Details

The users may be presented with an expired certificate that was signed by the forward proxy for websites that use DigiCert CA certs in the certificate cache. We are continuing to investigate this issue and we will update about the next steps by March 10, 10 PM UTC.

Latest Updates (sorted recent to last)

RESOLVED about 2 years ago - at 03/24/2023 03:07PM

This incident has been resolved.

MONITORING about 2 years ago - at 03/11/2023 04:34AM

We are continuing to monitor for any further issues.

MONITORING about 2 years ago - at 03/11/2023 04:33AM

After reviewing internally with the teams, the below fix has been identified to address the issue:

Modify any of the following configurations and commit the changes. This will automatically clear the certificate cache.

Decryption policy
Decryption profile
Device Certificates - Must check Trusted Root CA to clear the cache if adding a certificate. When importing an intermediate CA certificate, please follow the steps in the following tech doc

If you continue to run into issues despite applying the above recommended changes, please reach out to the support team to assist further.

IDENTIFIED about 2 years ago - at 03/10/2023 10:11PM

The issue has been root caused and the SRE/Dev team are working internally to determine the steps to fix the issue.
The next update will be shared by March 11, 02:00 AM UTC.

IDENTIFIED about 2 years ago - at 03/10/2023 07:45PM

We are continuing to work on a fix for this issue.

IDENTIFIED about 2 years ago - at 03/10/2023 07:44PM

The users may be presented with an expired certificate that was signed by the forward proxy for websites that use DigiCert CA certs in the certificate cache.

We are continuing to investigate this issue and we will update about the next steps by March 10, 10 PM UTC.
