error: Check-out failed for Network security daemon (/usr/sbin/nsd) without details

According to Juniper KB KB76121 solution is to rollback

“To solve this issue, try to run a “rollback rescue” or any type of rollback that takes you to the previous stage before this issue started occurring.

Once loaded the previous configuration without the certification changes the issue should stop and the SRX should be stable once again.”

I used the below commands to remove the pki key-pair and clear the certificate that was causing the issue, which resolved my issue.

Instead of clearing all of the certificates, you can select the individual certificate ID that you are having issues with by adding certificate-id after PKI.

> clear security pki key-pair certificate-id problem_cert_name

OR to remove all the certificates, use the example below:

> clear security pki crl all

> clear security pki local-certificate all

> clear security pki certificate-request all

> clear security pki ca-certificate all

> clear security pki key-pair all

> restart pki-service

Categorised as: EX, Firewall, Juniper, Networking, SRX

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.