>
    Strata Copilot
    Troubleshoot Revoked Certificates (Strata Cloud Manager)
    Focus
    Download PDF
    Focus
    1. Home
    2. Network Security
    4. Troubleshoot Decryption
    5. Troubleshoot Revoked Certificates
    6. Troubleshoot Revoked Certificates (Strata Cloud Manager)
    Download PDF
    Network Security

    Troubleshoot Revoked Certificates (Strata Cloud Manager)

    Table of Contents

    Troubleshoot Revoked Certificates (Strata Cloud Manager)

    Before you begin this task, enable certificate revocation checks using OCSP and CRL if you haven't already.
    1. Filter the decryption logs for certificate revocation errors.
      1. Select Log Viewer, and then select Firewall/Decryption.
      2. In the search field, enter the following query: Error Message = ‘OCSP/CRL check: certificate revoked’.
    2. (Optional) Double-check the certificate expiration date at the Qualys SSL Labs site.
      Enter the hostname of the server (Server Name Identification column of the decryption log) in the Hostname field and Submit it to view certificate information for the host.

    © 2025 Palo Alto Networks, Inc. All rights reserved.