Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Allen_Fambro
Employee
Employee

Bulk Import / Management of Server Certificates

Hello Checkmates Community,

  Does anyone have any tricks or know of any automation features to perform a bulk import of server certificates to be used for Inbound HTTPs inspection??  I checked the Management API Reference guide but don’t see the option to create / import server certificates (see corresponding SmartDashboard screenshot below)…

  Also if anyone knows of any good Certificate management / automation tools that integrate with Check Point that would be awesome.

  Any advice or assistance would be greatly appreciated.  Thank you.

 

Allen_Fambro_0-1653076876115.png

 

 

0 Kudos
2 Replies
Sorin_Gogean
Advisor

Hey @Allen_Fambro ,

There you can use p12 type of files and "PKCS#12 container may contain multiple encrypted private keys and public certificates. The upper limit is not strictly defined." . 

So in theory you could have multiple cert and keys in a file and try to import it.....

I would recommend the use smth like "keystore-explorer" (https://keystore-explorer.org/index.html) that allows you to alter p12 files and add certs/keys, etc, etc, etc....

Give it a try with 2 - 3 cert/keys and let us know how it went.

 

PS: you require that in the case you need to inspect the HTTPS traffic that goes towards servers that are behind CheckPoint GW - just saying 😁 ....

0 Kudos
PhoneBoy
Admin
Admin

There aren’t any APIs related to managing the certificates for HTTPS Inspection until R81.20.
I don’t recall if they include APIs for that specific function, though.

0 Kudos