https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148792#M5646 <P>Hi,</P><P>firstly you need to create certificate and import for endpoint client .Than you need to create ssl inspection certificate and import to ssl inspection blade.Thats generel information for ssl inspection.</P><P data-unlink="true">congratulations</P><P data-unlink="true">&nbsp;</P> Tue, 17 May 2022 10:59:49 GMT ealtun 2022-05-17T10:59:49Z https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148761#M5640 <P>Hello!</P><P>We want to change our Endpoint SSL-Certificate on our management server. We know how to do it but we don't know if there is any kind of impact to the client connections. So will the&nbsp; clients still be connected to the Endpoint-server or will they lose there connection due to a change of the fingerprint or similar?</P> Tue, 17 May 2022 05:42:35 GMT https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148761#M5640 TonyStark 2022-05-17T05:42:35Z https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148766#M5641 <P>Can you elaborate please?</P> Tue, 17 May 2022 06:29:33 GMT https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148766#M5641 _Val_ 2022-05-17T06:29:33Z https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148767#M5642 <P>We are running a Endpoint-Server with certificates signed by a internal CA. Nessus-scans report that the certificate is self-signed. Now we want to implement a CSR as done here: <A href="https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupportcenter.checkpoint.com%2Fsupportcenter%2Fportal%3FeventSubmit_doGoviewsolutiondetails%3D%26solutionid%3Dsk97648&amp;data=05%7C01%7Cmarcel.holdernig%40atos.net%7C41e7a786635d484eaf3408da342bf6ff%7C33440fc6b7c7412cbb730e70b0198d5a%7C0%7C0%7C637879660819304360%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=3gkhm1kXPR6%2F0nYrw0L10UIQvb81E9eb0CZdrn4LmOk%3D&amp;reserved=0" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk97648</A></P><P>The certificate is backed up and it seems to be the right "tutorial" thats what we need. But we also need to know if Clients will stay connected to the Endpoint-Server after implementing this or if they lose connection due to whatever reason there could be</P> Tue, 17 May 2022 06:42:49 GMT https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148767#M5642 TonyStark 2022-05-17T06:42:49Z https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148774#M5645 <P>Firstly, you can ignore Nessus results, self-signed here does not present a security risk of any kind.&nbsp;<BR />Secondly, you will have a wide endpoint impact, they will not be able to reconnect, until each client accepts the new cert, or is fully redeployed.</P> Tue, 17 May 2022 08:33:40 GMT https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148774#M5645 _Val_ 2022-05-17T08:33:40Z https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148792#M5646 <P>Hi,</P><P>firstly you need to create certificate and import for endpoint client .Than you need to create ssl inspection certificate and import to ssl inspection blade.Thats generel information for ssl inspection.</P><P data-unlink="true">congratulations</P><P data-unlink="true">&nbsp;</P> Tue, 17 May 2022 10:59:49 GMT https://community.checkpoint.com/t5/Endpoint/Check-Point-Endpoint-SSL-Certificate-Change-impacts/m-p/148792#M5646 ealtun 2022-05-17T10:59:49Z