error: Check-out failed for Network security daemon (/usr/sbin/nsd) without details
According to Juniper KB KB76121 solution is to rollback
“To solve this issue, try to run a “rollback rescue” or any type of rollback that takes you to the previous stage before this issue started occurring.
Once loaded the previous configuration without the certification changes the issue should stop and the SRX should be stable once again.”
I used the below commands to remove the pki key-pair and clear the certificate that was causing the issue, which resolved my issue.
Instead of clearing all of the certificates, you can select the individual certificate ID that you are having issues with by adding certificate-id after PKI.
> clear security pki key-pair certificate-id problem_cert_name
OR to remove all the certificates, use the example below:
> clear security pki crl all
> clear security pki local-certificate all
> clear security pki certificate-request all
> clear security pki ca-certificate all
> clear security pki key-pair all
> restart pki-service
Categorised as: EX, Firewall, Juniper, Networking, SRX
Leave a Reply
You must be logged in to post a comment.