https://community.checkpoint.com/t5/Firewall-and-Security-Management/MDS-config-how-to-update-internal-CA/m-p/18364#M1384 <HTML><HEAD></HEAD><BODY><P>If you're running R77.30 or earlier and haven't applied a recent Jumbo Hotfix, you may be running into this issue:&nbsp;<A class="link-titled" href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk122612" title="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk122612">Connectivity between SmartDashboard / SmartDomain Manager and Security Management / Multi-Domain Management Server R77.3…</A>&nbsp;</P></BODY></HTML> Thu, 26 Apr 2018 16:42:28 GMT PhoneBoy 2018-04-26T16:42:28Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/MDS-config-how-to-update-internal-CA/m-p/18363#M1383 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>little issue when executing mdsconfig and creating the new internal CA, it takes the default IP whereas I updated the ip and hostname earlier :</P><P></P><P></P><P>Internal Certificate Authority created successfully<BR /> Certificate was created successfully<BR /><STRONG>Setting FQDN to: 192.168.1.1</STRONG><BR /><STRONG>Executing "$CPDIR/bin/cp_conf ca fqdn 192.168.1.1" in order to set FQDN</STRONG><BR />Trying to contact Certificate Authority. It might take a while...<BR />192.168.1.1 was successfully set to the Internal CA<BR />E<STRONG>xecuting "$CPDIR/bin/cp_conf ca fqdn 192.168.1.1" in order to set FQDN - Done</STRONG><BR /><STRONG>Certificate Authority initialization ended successfully</STRONG></P><P></P><P>I think it is one of the reasons that might prevent the MDS processes from running because it does not find the correct CA for instance, find below the error I get when trying to start MDS services&nbsp; :</P><P></P><P>ERROR: Couldn't create the Internal CA object. Check that the Internal CA process is running.</P><P></P><P>Thanks in advance for the help.</P></BODY></HTML> Thu, 26 Apr 2018 10:09:31 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/MDS-config-how-to-update-internal-CA/m-p/18363#M1383 Furil 2018-04-26T10:09:31Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/MDS-config-how-to-update-internal-CA/m-p/18364#M1384 <HTML><HEAD></HEAD><BODY><P>If you're running R77.30 or earlier and haven't applied a recent Jumbo Hotfix, you may be running into this issue:&nbsp;<A class="link-titled" href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk122612" title="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk122612">Connectivity between SmartDashboard / SmartDomain Manager and Security Management / Multi-Domain Management Server R77.3…</A>&nbsp;</P></BODY></HTML> Thu, 26 Apr 2018 16:42:28 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/MDS-config-how-to-update-internal-CA/m-p/18364#M1384 PhoneBoy 2018-04-26T16:42:28Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/MDS-config-how-to-update-internal-CA/m-p/18365#M1385 <HTML><HEAD></HEAD><BODY><P>Hello Dameon,</P><P></P><P>First, thanks for the reply <img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.checkpoint.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P><P>Ha! yes I did forget to precise the version ... Indeed it is a 77.30 recently upgraded from R76 (lab <img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.checkpoint.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" />) . But what I find strange is that I manualy installed the last CPuse agent (section 3-A):</P><P></P><P><A class="link-titled" href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk92449#Latest%20build%20of%20CPUSE%20and%20What" title="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk92449#Latest%20build%20of%20CPUSE%20and%20What">Check Point Upgrade Service Engine (CPUSE) - Gaia Deployment Agent</A>&nbsp;</P><P></P><P></P><P>Then I also did install the last hotfix compatible with R77.30 (302) :</P><P></P><P><A class="link-titled" href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk106389" title="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk106389">R77.30 Recommended Hotfixes</A>&nbsp;</P><P></P><P>As hotfix are incremental, should it not be ok like that ? If yes then the only thing I can think of is that I did not follow correctly the migration procedure then.</P><P></P><P>Well I will setup a new lab later to debug further ... for the moment I took a snapshot of another MDS which does have same hardware and OS for migration purpose <img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.checkpoint.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P><P></P><P>Thanks again and have a nice weekend <img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.checkpoint.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P></BODY></HTML> Sat, 28 Apr 2018 09:13:57 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/MDS-config-how-to-update-internal-CA/m-p/18365#M1385 Furil 2018-04-28T09:13:57Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/MDS-config-how-to-update-internal-CA/m-p/50815#M3770 Hello,<BR /><BR />Sorry for the delay, it did indeed resolve the issue I just had to run the wizard via mdsconfig again and it works ...<BR />I cannot believe I did this mistake... Thank for your help<BR /> Sat, 13 Apr 2019 11:10:09 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/MDS-config-how-to-update-internal-CA/m-p/50815#M3770 Furil 2019-04-13T11:10:09Z