Palo Alto Failed To Fetch Device Certificate Tpm Public Key Match Failed Updated full Direct

set device-setting tpm-public-key-match disable

: For newer versions (like PAN-OS 12.1.x), a bug causes .pub_pem files to accumulate in /opt/pancfg/mgmt/ssl/private/ , filling the partition. A reboot clears this temporary directory and often allows a successful fetch.

SSH into the firewall and tail the GP logs:

Palo Alto Failed To Fetch Device Certificate Tpm Public Key Match Failed Updated __full__ Direct

Palo Alto Failed To Fetch Device Certificate Tpm Public Key Match Failed Updated full Direct