Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Dan_Roddy
Collaborator

Capsule Cloud Portal Entrust Certificate is revoked

Check CRL Result

Certificate issued by L1K with serial number 4630da99afeb50f40000000050e3e924 has been revoked.

Revocation Date: Wednesday, February 13, 2019 8:24:51 PM +00:00

Revocation Reason: Affiliation Changed

0 Kudos
6 Replies
PhoneBoy
Admin
Admin

Looks like the problem was rectified:

0 Kudos
Dan_Roddy
Collaborator

All 3 of these certificate checks fail and say it is revoked: Entrust, Digicert and Qualys

Why is no one seeing this?  By the way, Chrome does not tell the truth,

Firefox does not lie nor does Edge or IE, all say NOT SECURE

Secure Connection Failed

An error occurred during a connection to cloud.checkpoint.com. Peer’s Certificate has been revoked. Error code: SEC_ERROR_REVOKED_CERTIFICATE

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.

0 Kudos
Dan_Roddy
Collaborator

OK, Chrome now is trustworthy.  Chrome is reporting 'cert revoked'.

Your connection is not private

Attackers might be trying to steal your information from cloud.checkpoint.com (for example, passwords, messages, or credit cards). Learn more

NET::ERR_CERT_REVOKED 
0 Kudos
PhoneBoy
Admin
Admin

I guess this is still an issue.

Here's what I saw from TAC earlier today:

We are getting cases that our cloud portal (cloud.checkpoint.com) is inaccessible due to a revoked SSL certificate. This seems to affect customer with HTTPS inspection enabled on the on-premise gateways. You can see a message similar to the following log:

 

Please advise customers to use the following workaround until this issue is addressed.

 

  • Create a host object representing the cloud gateway (217.68.8.83).
  • Add the host to the destination fields in the HTTPS bypass rule.
0 Kudos
Dan_Roddy
Collaborator

I have had cloud.checkpoint.com bypassed for over a year.  It will not work unless it is bypassed.  My logs show that it is bypassed.

Oh, never mind.  Someone installed a new certificate, all is well now.  Thank you for listening to me.

0 Kudos
Dan_Roddy
Collaborator

Please check the certificate live, don't use the browser cache, it is out of date.

Check here:   www.entrust.net/customer/crl_form.cfm

0 Kudos
Upcoming Events

    CheckMates Events