Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Oscar_Medina1
Contributor

Import existing client certificates and map to CheckPoint Management Server Admin Account

Hi Y'all,

I am trying to leverage any Azure capabilities that may help streamline the setup of administrator accounts for the management servers we have (currently 2 in two separate Azure Locations).

As of now, I've setup VPN (P2S) to our hub vNET which allows access to the Azure resources including those Management Servers.  My VPN setup simply uses Certificates, so my root CA is stored in Azure Key Vault.  I plan to distribute a different client certificate for each user who will administer the CheckPoint Management servers. 

However, I see that CheckPoint SmartConsole (which I assume uses the API) allows for creating an account and includes the ability to create a certificate for said user.  My question is; can I import an existing user certificate created on KeyVault and map it to a given administrator account via the CLI, if so, what would that look like?  I checked the API and only saw the ability to create an administrator account using a password...

Any guidance is super appreciated,
@SharePointOscar

3 Replies
Robert_Decker
Advisor

Hi Oscar,

SmartConsole doesn't use Management API for user object operations (accounts, certificates). It uses dedicated internal web services on CPM server.

In addition, currently there aro no commands in Management API to perform those operations.

Robert.

0 Kudos
Oscar_Medina1
Contributor

Thanks https://community.checkpoint.com/people/rdeck5af054c0-4c71-4395-9c31-2a794ff5bc37  what about the ICA Management Tool? Seems to handle user cert operations?

0 Kudos
Robert_Decker
Advisor

Maybe, but I'm not familiar with the ICA Management Tool.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events