Device certificate OTPs have a 60-minute lifetime . If the fetch fails once, the OTP often expires immediately and must be regenerated.
In some cases, the firewall's configuration state is out of sync. Forcing a commit can re-initialize the management plane's certificate handler. configure -> commit force . 3. Adjust Management MTU Device certificate OTPs have a 60-minute lifetime
The existing invalid certificate must be manually removed from the device's root directory, which is inaccessible to standard administrators. Device certificate OTPs have a 60-minute lifetime
The firewall's hardware TPM generates a public key that must match the record in the Support Portal. If the device was previously registered or had a certificate that wasn't cleared properly, the portal may reject new fetch requests. Device certificate OTPs have a 60-minute lifetime