Additionally, the certificate is signed by the internal PKI; it has SANs, such as IP addresses of the gateways and the cluster, and DNSs (hostnames of the gateways and cluster, along with the domain)

It is showing that the certificate does not match the hostname. Are you sure you created it properly? Also, a silly question, did you push policy with these settings yet?

I'm uploading the error message, it shows a NET::ERR_CERT_AUTHORITY_INVALID

 This are the steps followed in the creation of the certificate:

- Generate the CSR, which includes SANs

- Send the CSR and .key file to the PKI to be signed

- After they signed it, and sent it back, convert the .cer file to a .p12  using SSL Shopper's tool, which asks the .key file and a password

- Transfer the certificate to the server, in which the console is hosted

- In Platform Portal, import the certificate, in this step, the password configured in SSL Shopper is typed, after which, the certificate is imported

- Install policy on the firewall cluster

- After which, I access to a web browser, such as Chrome or Firefox, but it's where the error is shown

Can you send screenshot of the cert itself from smart console?

Andy

I'm attaching certificate details as it is imported in the console.

There's a previous screenshot of the certificate in Platform Portal

Cant open any of them, just says virus scan in progress. Can you message me directly?

Andy

   Sorry, let me try that again

I see it now. If you installed policy after cert is uploaded, no reason why it would not work. Maybe engage TAC to confirm everything, hard to say for me without being able to check it via remote session.

Andy