The certificate selected for the Certificate Key Pair was an older server certificate, since the secondary appliance was recently created and added to the cluster, this certificate did not exist on the secondary appliances.

This may also happen if the certificate did previously exist on the appliance, but was deleted as part of a routine clean-up.

On a primary appliance in the cluster, update the Certificate Key Pair to the current server certificate. This will not cause a reboot or restart of any services.

Alternatively, if that change cannot be made at this time and the older certificate still exists on one of the PAM appliances in the primary site, download it from that appliance and upload it to all other appliances that have the certificate missing.