https://community.checkpoint.com/t5/General-Topics/HTTPS-Inspection-outbound-certificate-problem/m-p/33109#M6932 <HTML><HEAD></HEAD><BODY><P>If I understand correct you are trying to use a certificate that was issued for the security gateway itself from a CA in https inspection.</P><P>The certificate that need to be used for https inspection should be class CA or sub CA or otherwise you need to generate a certificate issued from the check point internal certificate itself and then distribute it to the client and use that certificate in the outbound inspection this can be done from the https section of the gateway </P></BODY></HTML> Thu, 01 Mar 2018 13:39:50 GMT Marco_Valenti 2018-03-01T13:39:50Z https://community.checkpoint.com/t5/General-Topics/HTTPS-Inspection-outbound-certificate-problem/m-p/33108#M6931 <HTML><HEAD></HEAD><BODY><P>HI,</P><P></P><P>I have a .p12 certificate that has been generated for the FW cluster with the full chain of CAs included.</P><P></P><P>When I use this for the platform portal I have no issues and when I view the certificate I see the full path:</P><P><IMG alt="Portal Certificate" class="image-1 jive-image j-img-original" src="https://community.checkpoint.com/legacyfs/online/checkpoint/63391_Portal.PNG" style="height: auto;" /></P><P></P><P>When I use the same .p12 certificate for HTTPS inspection and view the certificate There is an issue:<IMG alt="HTTP inspection" class="image-2 jive-image j-img-original" src="https://community.checkpoint.com/legacyfs/online/checkpoint/63392_HTTPS.PNG" style="height: auto;" /></P><P>Is there anything specific about HTTPS inspection that could be causing this issue? It is exactly the same .p12 file that is being used for both.</P><P></P><P>Many thanks,</P></BODY></HTML> Thu, 01 Mar 2018 13:22:34 GMT https://community.checkpoint.com/t5/General-Topics/HTTPS-Inspection-outbound-certificate-problem/m-p/33108#M6931 Michael_Horne 2018-03-01T13:22:34Z https://community.checkpoint.com/t5/General-Topics/HTTPS-Inspection-outbound-certificate-problem/m-p/33109#M6932 <HTML><HEAD></HEAD><BODY><P>If I understand correct you are trying to use a certificate that was issued for the security gateway itself from a CA in https inspection.</P><P>The certificate that need to be used for https inspection should be class CA or sub CA or otherwise you need to generate a certificate issued from the check point internal certificate itself and then distribute it to the client and use that certificate in the outbound inspection this can be done from the https section of the gateway </P></BODY></HTML> Thu, 01 Mar 2018 13:39:50 GMT https://community.checkpoint.com/t5/General-Topics/HTTPS-Inspection-outbound-certificate-problem/m-p/33109#M6932 Marco_Valenti 2018-03-01T13:39:50Z https://community.checkpoint.com/t5/General-Topics/HTTPS-Inspection-outbound-certificate-problem/m-p/33110#M6933 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>yes our mistake on the type of configuration.</P></BODY></HTML> Thu, 01 Mar 2018 17:11:25 GMT https://community.checkpoint.com/t5/General-Topics/HTTPS-Inspection-outbound-certificate-problem/m-p/33110#M6933 Michael_Horne 2018-03-01T17:11:25Z