This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Oscar_Medina1
Contributor
‎2018-07-23 12:01 PM

Import existing client certificates and map to CheckPoint Management Server Admin Account

Hi Y'all,

I am trying to leverage any Azure capabilities that may help streamline the setup of administrator accounts for the management servers we have (currently 2 in two separate Azure Locations).

As of now, I've setup VPN (P2S) to our hub vNET which allows access to the Azure resources including those Management Servers.  My VPN setup simply uses Certificates, so my root CA is stored in Azure Key Vault.  I plan to distribute a different client certificate for each user who will administer the CheckPoint Management servers. 

However, I see that CheckPoint SmartConsole (which I assume uses the API) allows for creating an account and includes the ability to create a certificate for said user.  My question is; can I import an existing user certificate created on KeyVault and map it to a given administrator account via the CLI, if so, what would that look like?  I checked the API and only saw the ability to create an administrator account using a password...

Any guidance is super appreciated,
@SharePointOscar

Labels
3 Replies
Robert_Decker
Advisor
‎2018-07-23 12:23 PM

Hi Oscar,

SmartConsole doesn't use Management API for user object operations (accounts, certificates). It uses dedicated internal web services on CPM server.

In addition, currently there aro no commands in Management API to perform those operations.

Robert.

0 Kudos
Oscar_Medina1
Contributor
‎2018-07-23 12:53 PM
In response to Robert_Decker

Thanks https://community.checkpoint.com/people/rdeck5af054c0-4c71-4395-9c31-2a794ff5bc37  what about the ICA Management Tool? Seems to handle user cert operations?

0 Kudos
Robert_Decker
Advisor
‎2018-07-24 01:41 AM
In response to Oscar_Medina1

Maybe, but I'm not familiar with the ICA Management Tool.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events