Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Contributor

Need to Import Wildcard Certificate with Generating CSR

We have a wildcard certificate that we use on all our devices. I would like to put this on our R80.20 management server and gateways to help with application and url filtering. Is it possible to install a wildcard certificate without generating a CSR? I also have about 100 remote devices coming to us via VPN and I prefer not to disturb that traffic if possible.

I saw this article asking the same question, but it does not appear to have been resolved and it was from 8/17..

https://community.checkpoint.com/t5/Enterprise-Appliances-and-Gaia/R80-10-GAiA-Portal-Problems-Impor...

I also found this one, but it requires you to create a csr...

https://sc1.checkpoint.com/documents/latest/APIs/index.html#gui-cli/add-wildcard~v1.2%20

I have been googling everything I can think of but cannot find anything.

Any assistance or direction would be greatly appreciated.

We are running r80.20 on open server for the manager and appliances for the gateways. We have the newest patches installed as of last week.

 

0 Kudos
Reply
1 Reply
Admin
Admin

You don't need a certificate for App Control and URL Filtering unless you are planning to do HTTPS Inspection.
In that case, the certificate you generate must be a Certificate Authority key, i.e. able to sign other certificates the gateway generates "on the fly" as users access sites.
That will not be a wildcard certificate.
Also, none of this will impact your existing VPN users.
0 Kudos
Reply