https://community.checkpoint.com/t5/Firewall-and-Security-Management/SSL-Certificate/m-p/162204#M70429 <P>Hi at all,</P><P>I exported the ssl certificate with the export_p12 command ( cert + key ) is it possible to import it to another cluster?<BR />if so how?</P><P>thanks a lot in adv.</P><P>&nbsp;</P><P>&nbsp;</P><P>Andrea</P> Wed, 16 Nov 2022 10:03:39 GMT andreamarino 2022-11-16T10:03:39Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/SSL-Certificate/m-p/162204#M70429 <P>Hi at all,</P><P>I exported the ssl certificate with the export_p12 command ( cert + key ) is it possible to import it to another cluster?<BR />if so how?</P><P>thanks a lot in adv.</P><P>&nbsp;</P><P>&nbsp;</P><P>Andrea</P> Wed, 16 Nov 2022 10:03:39 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/SSL-Certificate/m-p/162204#M70429 andreamarino 2022-11-16T10:03:39Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/SSL-Certificate/m-p/162209#M70430 <P>What deployment are you speaking of ? SSL certificate usually is generated by the internal CA on SMS and transferred to the managed gateways automatically. For GWs not managed by the SMS, you have to export the .crt file from ICA, see&nbsp;<SPAN>sk110540 !</SPAN></P> Wed, 16 Nov 2022 12:09:31 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/SSL-Certificate/m-p/162209#M70430 G_W_Albrecht 2022-11-16T12:09:31Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/SSL-Certificate/m-p/162210#M70431 <P>For VPN, we do not allow the import of a private key.<BR />What matters most for validation purposes the certificate authority used.<BR />ICA will generate a new certificate for a new cluster.<BR />If you’re using a third party CA, a Certificate Signing Request must be issued for a new private key.</P> Wed, 16 Nov 2022 12:16:25 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/SSL-Certificate/m-p/162210#M70431 PhoneBoy 2022-11-16T12:16:25Z